Mac hacked in 2 minutes

By Express
in Back Page News

 Share

Recommended Posts

Experienced

C_Guy

Posted
Posted
Wrong. Currently they are a lot more secure because there just aren't nowhere near as much real security threats circulating for Mac. Infact the number of those is close to ZERO.

Time to set the record straight (again). You will learn the hard way as will all the people who believe Apple's hype. When Apple is big enough to be a blip on the radar and viruses start to come out everyone will be in a panic because they left their computers unprotected. If Macs were more secure than Windows your argument would be that despite all the threats floating around Macs are not getting hit or not spreading the virus. Just because there aren't many threats discovered/created yet it doesn't logically follow that the system is therefore secure.

If we all used your (Apple's) logic, I could say that my beaten-down screen door is the most secure door in the world. No one has ever broken into my house. But I also live in isolation. Almost everyone else lives in a thriving city and requires deadbolts and strong locks. Sometimes they get broken into by thieves. But my screen door has even better security as I have not once been broken into.

I'm glad your screen door works for now but someone from the city could come out and break into your home and then what will you think of your screen door?

So if Vista will reach the marketshare XP has (won't happen :woot: ) it will be as unsecure as XP?

Let's not talk about marketshare since Apple is enjoying it's single-digit marketshare (which is less than Vista alone)

Rising Star

abcdefg

Posted
Posted
When Apple is big enough to be a blip on the radar
Let's not talk about marketshare

:laugh:

I wouldn't call OS X unprotected. You described default Win XP installation.

You can spend all day looking for threats that would justify running AV in OS X (for other than catching Windows viruses) but end up being empty-handed.

Grand Master

Joshie

Posted
Posted

Disclaimer: Certainly many games are available for users of Apple's OS. For whatever reason, however, one particular franchise seems to be mentioned by the Applese moreso than any other.

Posters in this thread either have to try and keep their own bias for one OS out of their answers or else not answer at all.

Myself included. Be at peace.

The amusing thing about threads like this is that most of the bias expressed is pro-Mac. Statements like "It just goes to show that Mac's aren't as secure as Apple's userbase would like to believe", or "Clearly no OS is secure after all", or even "Vista patches go down, Mac patches go up", don't express any bias whatsoever. Any of them could've been made by a user of any operating system. Even a Mac user could (and many do) say those things without being a hypocrite.

What happens is, somebody says one of those things, and it's like a horn blows, calling the attention of Apple apologists, ready to point out that Vista blows, they can play Civ IV, Apple computers aren't overpriced (and only computers--OS point upgrades, the ipod family, etc, are all left unmentioned), they can play Civ IV, the finer points of what defines 'vulnerability' (also 'hack', 'access', and 'the'), and dammit they can play games too (including Civ IV).

Grand Master

Chicane-UK Veteran

Posted
  • Veteran
Posted (edited)
What happens is, somebody says one of those things, and it's like a horn blows, calling the attention of Apple apologists, ready to point out that Vista blows, they can play Civ IV, Apple computers aren't overpriced (and only computers--OS point upgrades, the ipod family, etc, are all left unmentioned), they can play Civ IV, the finer points of what defines 'vulnerability' (also 'hack', 'access', and 'the'), and dammit they can play games too (including Civ IV).

You know how tiring this gets though? Its not like the Mac is physically incapable of playing games - just that Microsoft has a stranglehold on games development with DirectX. It's like suggesting that Windows is completely incapable of running a Mac specific app like Aperture. Yes, it is - but only because Apple haven't made Aperture for Windows. Windows itself is perfectly capable of running it, just as OSX would be perfectly capable of running any games you cared to throw at it - IF they'd actually been developed!

Sheesh.

And on overpriced equipment - what would you like me to apologise for? Leopard costs ?85. I can get it discounted to ?58. Frankly I feel its worth every single penny. As an 'experience' from a user perspective, I think its one of the most well rounded and best put together operating systems i've ever used - and believe me when I say i've used plenty.. from Windows 2.0 (and onwards), Linux (Debian, RedHat, Ubuntu, Slackware, etc), FreeBSD, SGI Irix, Solaris, BeOS, NeXT, amd so forth - you get the idea.

iPods are expensive - yeah. But they're worth it. I have an iPod Nano 3rd Gen I was bought as a present. I love everything about it, and think it's probably one of (if not the) best gadgets i've ever owned and I have a history of frittering money on pointless toys!

What more do you want me to say?

Edited by Chicane-UK
Mentor

BigBoy

Posted
Posted

Pours some gas on the fire:

The highlight of the day was the presentation given by Stefan Frei and Bernard Tellenback titled ?0-day Patch ? Exposing Vendors (In)Security Performance? covering their analysis of several years of vulnerability disclosures and patching processes from various vendors, and a detailed dissection of Apple?s and Microsoft?s performance. (from the X-Force perspective, we?ve looked this data in the past, however their analysis focused on correlating multiple external data sources and honing in on the CVE-numbered vulnerabilities with full ?cradle-to-grave? disclosIn essence, with their ?0-day Patch? metrics, they managed to show just how far Apple is trailing Microsoft in security patch responsiveness ? in fact, after inspecting their graphs, Apple appears to be trending entirely in the wrong direction; more vulnerabilities, longer patching times, more 0-days, etc. ? not the sort of thing we expect from a well known software vendor.own software vendor.

While I think that there are quite a few reasons wI?d be inclined to say that Apple?s biggest problem appears to be that they treat every new vulnerability as a potential PR disaster rather than an opportunity to visibly reinforce their work in securing their customerssecuring their customers. In recent times this has most critically been reflected in the way Apple works withI?m yet to find a single security researcher that has had any positive things to say about their dealings with Apple?s security teamwith Apple?s security team).

Source here

I think the big picture and the takeaway that people should really get here is - there are problems. Real problems. I am not so much interested in sensationalistic 2 minute hacks or what not. But trends, as described above, are a problem. I do beleive that Apple will come around, but Apple community has to be raising this to them too. Head in the sand is not a good long term security strategy.

I'll go put on my flame resistant suit on now.

Experienced

tablet_user

Posted
Posted
agreed. and yes I use macs. granted unix IS a different beast than windows.

i've gotten just about everyone in my extended family to switch to macs just because they don't have to deal with the security-maintenance [scanning for viruses, malware, spyware, adware, etc.] on a regular basis (which none of them did when they had windows, and unfortunately I'm the family g33k). This made my life a lot easier not having to constantly fix their machines. Don't get me wrong, I think windows is excellent (and still use it daily) as long as you keep up with the security-maintenance.

really cause i dont use AVs or Antispyware apps, i do a monthly scan and i havent had a virus on my windows box since win95

Rising Star

Daxbash5000

Posted
Posted

Everything is hackable regardless - if you know what your doing and are innovative enough you can make your way into anything and do anything you want wile there... I take that to an extreme instance and say if your good enough you could hack a staple and make it a bowl of grape jello.

Grand Master

hotdog666al

Posted
Posted
:laugh:

I wouldn't call OS X unprotected. You described default Win XP installation.

You can spend all day looking for threats that would justify running AV in OS X (for other than catching Windows viruses) but end up being empty-handed.

Seriously, just ignore fanboys. :D

Clean Neowin

Grand Master

n_K

Posted
Posted

It is market share based. Why hack and make exploits for QNX when only a few people use it and you can instead make one for windows and get HUNDREADS OF THOUSANDS of credit card numbers, password and other personal detail from users.

Mac is POS and that has been proven multiple times, so is windows, and hell even some linux distros are (lindows). The xbox 360 hasn't been hacked because there is no need for a larger hard drive, and the XNA is out so people can code so no hacking is needed, PS3 has linux (I think) so no hacking needed there either, the homebrew hackers are all happy.

You can store your encryption key ANYWHERE, but once you use it on a PC, I guarantee that forensic science can get your key, it may take a while but they WILL get it, else the encryption would be illegal like it was back in 1994 but now science has evolved so has the recovery abilities. Hushmail is a fine example of security being overturned.

I would be willing to bet everything I have that if everyone went out and used only Mac from tomorrow onwards, the amount of viruses written for windows would take a VERY SHARP drop.

Collaborator

sh4hb4z

Posted
Posted
If you could follow Bill gates around with a roll of toilet tissue you would huh?

That's low, couldn't think of a informed well thought out reply, instead steep low! You guys make me laugh, nitpicking Microsoft whenever you possibly can, but when facts are added to the equation, you start posting comments like this, lol. Time to get a life...

Grand Master

excalpius

Posted
Posted
Still waiting since March 2001.

Nothing. And these little lab experiments, contests, and "challenges" have been going on for nearly as long.

Until it's in the wild and it's compromised someone's OS X install, it's all just . . .

You keep telling yourself that. The rest of us who've been watching your 100% Apple biased to the point of absurdity posts really enjoy watching you squirm when, heaven forbid, Apple is revealed to be just another computer company, just like everyone else.

Think differently. Think for yourself.

Enthusiast

Tzimisce

Posted
Posted

Did anyone even read this? I don't see how he gets so many kudos, he could have been a script kiddie and done this. They said he navigated to a webpage where he stored his exploit code. He didn't even hack it so much as download somthing that hacked it for him. Brilliant, just cheating.

Grand Master

excalpius

Posted
Posted
Did anyone even read this? I don't see how he gets so many kudos, he could have been a script kiddie and done this. They said he navigated to a webpage where he stored his exploit code. He didn't even hack it so much as download somthing that hacked it for him. Brilliant, just cheating.

It was my understanding that he wrote the code/exploit. He prepared it on the site so it would be easy to prove his point in the contest.

Regardless, the point is made.

Grand Master

+Fahim S. MVC

Posted
  • MVC
Posted
Did anyone even read this? I don't see how he gets so many kudos, he could have been a script kiddie and done this. They said he navigated to a webpage where he stored his exploit code. He didn't even hack it so much as download somthing that hacked it for him. Brilliant, just cheating.

I don't understand - why is that cheating?

Grand Master

p858snake

Posted
Posted
Source: http://news.yahoo.com/s/infoworld/20080327...infoworld/96676

It may be the quickest $10,000 Charlie Miller ever earned.

He took the first of three laptop computers -- and a $10,000 cash prize -- Thursday after breaking into a MacBook Air at the CanSecWest security conference's PWN 2 OWN hacking contest.

Show organizers offered a Sony Vaio, Fujitsu U810, and the MacBook as prizes, saying that they could be won by anybody at the show who could find a way to hack into each of them and read the contents of a file on the system using a previously undisclosed "0day" attack.

Within 2 minutes, he directed the contest's organizers to visit a Web site that contained his exploit code, which then allowed him to seize control of the computer, as about 20 onlookers cheered him on. He was the first contestant to attempt an attack on any of the systems.

Miller was quickly given a nondisclosure agreement to sign, and he's not allowed to discuss particulars of his bug until the contest's sponsor, TippingPoint, can notify the vendor.

Contest rules state that Miller could only take advantage of software that was preinstalled on the Mac, so the flaw he exploited must have been accessible by, or possibly inside, Apple's Safari browser.

No... from what i read it was to find a expoilt in a default install or "shop ready" setup of the MBA which in this case was the safari

Grand Master

tsupersonic

Posted
Posted

Listen mother****ers, you want a real Operating System where you'll be completely safe?

Try OS/2 :D

Sure it's one thing to have malware, but by using a Mac or Linux, you're still on the internet and there are other people that can get to you. Ex: Phising, ID theft, etc. :p

Grand Master

JiveMasterT

Posted
Posted

I actually bought a Mac this past summer because I was interested in the security of them. I knew that with the commercials and crap Apple was pushing out promoting the security and knocking Vista that it would make them a prime target. I mean look wouldn't you love to just stuff them and say "I'm the one who drop kicked Apple while they were in the spot light!"

My macbook has been my primary machine since I bought it and I gotta say I really like it for doing 90% of what I do. Stuff like this gets me excited about the platform though because I hope it leads to progress and more exploring.

Contributor

Eros

Posted
Posted

Vista Laptop was Won!: Congratulations to Shane Macaulay from Security Objectives - he has just won the Fujitsu U810 laptop running Vista Ultimate SP1 after it was installed with the latest version of Adobe Flash. Not only is he the official winner of the Fujitsu laptop, but also $5,000 from us. Shane received some assistance from his friends Derek Callaway (also from Security Objectives) and Alexander Sotirov. If you'll also remember, Shane Macaulay was Dino Dai Zovi's on-site team member at last year's PWN to OWN event in which they ultimately took the top prize.

The new Adobe Flash 0day vulnerability that Shane exploited has been acquired by the Zero Day Initiative, and has been responsibly disclosed to Adobe who is now working on the issue. Until Adobe releases a patch for this issue, neither we nor the contestants will be giving out any additional information about the vulnerability. You will be able to track the vulnerability on the Zero Day Initiative upcoming advisories page.

team_vista.jpg

Above pictured is Aaron from TippingPoint on the left officiating in front of the Fujitsu laptop, while Shane Macaulay and his pwnage assistants Alexander Sotirov and Derek Callaway (next from left to right) refine the Adobe Flash exploit.

So at the end of the last day of the contest, only the Sony VAIO laptop running Ubuntu was left standing.

We had an awards ceremony tonight where we officially handed out both winning laptops as well as brand spankin' new Zero Day Initiative laptop bags. Here are a couple of pics of the happy winners:

charlie.jpg

Above pictured is Charlie Miller whose team won the MacBook Air and $10,000 on day two of the contest.

alex_k2.jpg

Above pictured is winner Shane Macaulay on the right showing off the spoils of victory with his friend Alexander Sotirov on the left.

http://dvlabs.tippingpoint.com/blog/2008/0...day-and-wrap-up

This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.

  • Posts

    • Microsoft unveils new Surface Laptop with improved trackpad, Snapdragon X2, and more

      By TarasBuria · Posted

      Microsoft unveils new Surface Laptop with improved trackpad, Snapdragon X2, and more by Taras Buria Microsoft's new Surface Laptop Ultra generated a lot of buzz earlier this month, but in addition to its most powerful laptop with an NVIDIA chip, Microsoft also has a more affordable laptop lineup, which has been waiting for an update for quite a while. Today, Microsoft announced the eighth-generation Surface Laptop. The new Surface Laptop is powered by the Snapdragon X2 Plus and X2 Elite processors. These chips offer faster CPU performance, up to 58% faster graphics, and 80 TOPS Neural Processing Units (NPUs) for on-device AI processing. Like the previous models, these chips retain their great energy efficiency, and Microsoft says that buyers can expect up to 20 hours of work on a single charge. The laptop is available in two sizes: 13.8-inch and 15-inch. You will have a hard time finding visual differences between the new and previous models, as Microsoft is not taking any major design leaps, except for the new Jade color, which may look familiar to Surface Laptop 5 owners. Other colors include Platinum, Black, and Dune. The 15-inch variant got a higher-resolution display. It is a 3,270 x 2,180 resolution screen with a pixel density of 262 ppi (the 13-inch model has a 201 ppi density) and a maximum brightness of 600 nits SDR and HDR. Unlike the Surface Pro 12th-gen, which is available with optional OLED displays, the Surface Laptop sticks with IPS, a 1,300:1 contrast ratio, a 120Hz refresh rate, and a 3:2 aspect ratio. Another notable change in the Surface Laptop 8 is its trackpad. It now provides haptic feedback when you perform various actions in apps and the operating system. It is a relatively new feature that Microsoft brought to Windows 11 in recent updates, and it is only available on certain devices, such as the Logitech MX Master 4, Surface Slim Pen 2, the upcoming Surface Laptop Ultra, and now the Surface Laptop 8. The new Surface Laptop with the new Surface Pro Like its tablet-shaped sibling, the new Surface Laptop is notably more expensive. It starts at a $1,599 for a 13.8-inch configuration with a 256GB SSD and 16GB of RAM. However, in the US, the base model has double the storage while keeping the same price. Available configurations include up to 64GB of memory and up to 2TB SSD (user-removable PCIe Gen4). The Surface Laptop 8 is now available for purchase on the official Microsoft website.
    • Microsoft announces 12th-gen Surface Pro with Snapdragon X2 processors

      By TarasBuria · Posted

      Microsoft announces 12th-gen Surface Pro with Snapdragon X2 processors by Taras Buria So far, 2026 has been rich in Surface announcements. Microsoft started with a fresh lineup of Surface for Business devices powered by Intel's new Core Ultra 300 processors. Then the company revealed the Surface Laptop Ultra, its most powerful laptop with NVIDIA's RTX Spark processor. Now, it is time for new Surface Pro and Surface Laptop models with Qualcomm processors. Microsoft's original Copilot+ PCs with Snapdragon X1 chips debuted in late May 2024. Two years later, Microsoft is finally updating the lineup with new models featuring Snapdragon X2 processors. The 12th-gen Surface Pro continues the well-established formula of Microsoft's flagship tablet, and Microsoft is not even changing colors, as the tablet will be available in three colors: Dune, Black, and Platinum. The most important changes are mostly hidden inside. Microsoft switched from the Snapdragon X1 to the new Snapdragon X2, which promises up to 53% faster graphics performance than the previous generation and up to 15.5 hours of battery life. The built-in NPU is also much more powerful, and it can run at up to 80 TOPS for on-device AI processing. Like before, the new Surface Pro is available with a 13-inch IPS display, and Microsoft is still offering OLED as a separate, more expensive configuration. Speaking of configurations, the Surface Pro will be available with a 10-core Snapdragon X2 Plus or a 12-core Snapdragon X2 Elite. Microsoft expanded the available RAM configurations to 64GB (previously 32GB was the maximum), while storage remains unchanged at 256GB, 512GB, or 1TB of user-replaceable PCIe Gen4 SSDs. The new Surface Pro and the Surface Laptop Other specs remain mostly unchanged. The computer has the same 1440p Windows Hello webcam, two USB4 ports for charging, data, and display output, Wi-Fi 7 and Bluetooth 5.4 support, dual speakers, and compatibility with Surface Pro Signature and Flex keyboards. With that said, there is one very important aspect of the Surface Pro that changed significantly, and it is the price. While the previous-gen Surface Pro launched at $999 for the base configuration, in 2026, the entry-level Surface Pro with Snapdragon X2, 16GB of memory, and 256GB will set you back an eye-watering $1,499. To sweeten the pill, Microsoft is running a limited-time promotion where Surface Pro buyers can get a free Surface Pro 13-inch Keyboard. The promo runs from June 16 through June 30. The new Surface Pro is available now on the official Microsoft Store website.
    • MakeMKV 1.18.4 Beta

      By Copernic · Posted

      MakeMKV 1.18.4 Beta by Razvan Serea MakeMKV is a format converter, otherwise called "transcoder". It converts the video clips from proprietary (and usually encrypted) disc into a set of MKV files, preserving most information but not changing it in any way. The MKV format can store multiple video/audio tracks with all meta-information and preserve chapters. There are many players that can play MKV files nearly on all platforms, and there are tools to convert MKV files to many formats, including DVD and Blu-ray discs. Additionally MakeMKV can instantly stream decrypted video without intermediate conversion to wide range of players, so you may watch Blu-ray and DVD discs with your favorite player on your favorite OS or on your favorite device. Reads DVD and Blu-ray discs Reads Blu-ray discs protected with latest versions of AACS and BD+ Preserves all video and audio tracks, including HD audio Preserves chapters information Preserves all meta-information (track language, audio type) Fast conversion - converts as fast as your drive can read data. No additional software is required for conversion or decryption. Available for Windows, Mac OS X and Linux Functionality to open DVD discs is free and will always stay free. All features (including Blu-ray decryption and processing) are free during BETA. MakeMKV 1.18.4 changelog: Small improvements and bugfixes Notable bug fixes: Fixed linux armhf binary crash on certain architectures Download: MakeMKV 1.18.4 Beta | 15.7 MB (Free, paid upgrade available) Download: MakeMKV for Mac OS X | 41.9 MB Links: MakeMKV Website | MakeMKV for Linux | Screenshot Get alerted to all of our Software updates on Twitter at @NeowinSoftware
    • Euro-Office must default to ODF to be considered "genuinely European", LibreOffice argues

      By Paul1979UK · Posted

      They probably should have it where they can open other formats but only save in the open formats.
    • AI Agents Now Score Taco Bell and KFC Workers Via WhatsApp From Day One

      By +TRS-80 · Posted

      The next time you apply for a shift at Taco Bell or KFC, you may be interviewed, assessed, and onboarded by three AI agents named Maria, Daniel, and Claire — and those agents will continue scoring your behavior long after you clock in for the first time.................... For workers applying to or already employed at those chains, the implication is concrete: an AI system is assessing their conversational behavior over WhatsApp and phone calls, storing that behavioral data, and using it to inform decisions about whether they are hired, how they are onboarded, and whether they are flagged as a flight risk https://www.techtimes.com/articles/318390/20260615/ai-agents-now-score-taco-bell-kfc-workers-via-whatsapp-day-one.htm  

  • Recent Achievements

    • One Year In
      Console General earned a badge
      One Year In
    • One Year In
      Twozo Technologies earned a badge
      One Year In
    • One Month Later
      Twozo Technologies earned a badge
      One Month Later
    • Week One Done
      Twozo Technologies earned a badge
      Week One Done
    • Veteran
      branfont went up a rank
      Veteran

  • Popular Contributors

    1. 1
      +primortal
      523
    2. 2
      +Edouard
      207
    3. 3
      PsYcHoKiLLa
      114
    4. 4
      Steven P.
      90
    5. 5
      Nick H.
      71
    Show More

  • Tell a friend

    Love Neowin? Tell a friend!