Mac flaw could let hackers get scrambled data

[msbae]

http://www.msnbc.msn.com/id/32210255/ns/technology_and_science-security/

This article would have sounded less like old news if it actually told me how people hack a Mac through it's Safari browser. All the hackers out there probably know how to accomplish that feat anyway so, there's no harm in describing it (in a simple way for the simple people, of course) to the readers.

 

[Mr. Laser Beam]

Of course a "security expert" would say that. Just to sell antivirus software!

 

[msbae]

Of course a "security expert" would say that. Just to sell antivirus software!

That doesn't necessarily mean he's wrong.

 

[Amaris]

http://www.msnbc.msn.com/id/32210255/ns/technology_and_science-security/

This article would have sounded less like old news if it actually told me how people hack a Mac through it's Safari browser. All the hackers out there probably know how to accomplish that feat anyway so, there's no harm in describing it (in a simple way for the simple people, of course) to the readers.

Glad I don't use Safari!

Anyhoo, he made a mistake. Hackers aren't out to devise pranks and commit crimes, black hats, crackers and script kiddies are out to devise pranks and commit crimes. Most hackers are actually paid by large corporations to find flaws in systems to secure them. Making such a large mistake like that in a tech article makes me cast doubt on the validity of some of what he says.

J.

 

[Shaw]

http://www.msnbc.msn.com/id/32210255/ns/technology_and_science-security/

This article would have sounded less like old news if it actually told me how people hack a Mac through it's Safari browser. All the hackers out there probably know how to accomplish that feat anyway so, there's no harm in describing it (in a simple way for the simple people, of course) to the readers.

Are you a Mac user now?

I'm constantly amazed when people express a (negative) interest in platforms that they don't use. One would hope that if they were happy with their platform of choice that they wouldn't need to worry about what others are using.

I'm guessing that you are thinking about switching... less someone think that you are displaying that same type of hate disease you seem to worry about in others.

As for this report, back in 2006 I helped debunk a falsified presentation given at Black Hat about the vulnerability of the wireless driver used in MacBooks. Had the presenter stuck to the actual facts he wouldn't have gotten any media attention (as the flaw he found was small and unexploitable at the time).

Given that experience, anything presented at Black Hat should be taken with a grain of salt until the smoke and mirrors have been put away.

 

[dru]

The technique — dubbed "Machiavelli" — exploits a vulnerability in the Mac OS X kernel, the heart of the machine's operating system. It only works on machines that have already been victimized, such as ones attacked with the pirated software.

Wait a damn minute.

This "FLAW" only comes into play if the system is already compromised? What the hell kind of fool thing is this to report on? It has nothing to do with a Safari vulnerability.

Obviously you need a trojan horse (like the pirated software mentioned above) which will install software that requires you to input your Admin password and once the user has done this all bets are off pretty much regardless of what OS (Windows 7, Linux) you run.

This is just sensationalism because if they did it on Windows or Linux the "black hat" wouldn't get any press. Does on a Mac the dumb ass press goes "OMG THIS IS NOOZ."

Bah.

 

[msbae]

Are you a Mac user now?

No.

 

[137th Gebirg]

What the hell kind of fool thing is this to report on? It has nothing to do with a Safari vulnerability.

One only has to look at the first two letters of MSNBC. Old rivalries die hard.

Whether true or not, this is exactly why I only use Firefox. IE is a pig and full of exploits and Chrome is one enormous exploit.

 

[Marc]

What the hell kind of fool thing is this to report on? It has nothing to do with a Safari vulnerability.

One only has to look at the first two letters of MSNBC. Old rivalries die hard.

Whether true or not, this is exactly why I only use Firefox. IE is a pig and full of exploits and Chrome is one enormous exploit.

And Apple has just released another update to take OS X to 10.5.8 and includes an update to Safari so this problem may of been solved.

But yes it's always fun to watch people be disingeous in order to bad mouth a product (something Microsoft has made an artform out - and while they aren't aren't always security flaws, there are bugs in Products like Word and Access which can be tranced back to the earlier versions of the programs but have never been fixed)