FBI Agent Talks Crime, Macs 654
hype7 writes "There's an article at SecurityFocus describing a visit an FBI agent to Washington University. His visit was ostensibly about computer security and the general public's complete lack of any idea on computer security whatsoever: 'I have spent a considerable amount in the computer underground and have seen many ways in which clever individuals trick unsuspecting users. I don't think most people have a clue just how bad things are.' His talk ranged from some of the pranks he's seen played on unsuspecting users, to Eastern European extortion of big banks." WeakGeek added, "FBI security guys are using Macs because, 'those machines can do just about anything: run software for Mac, Unix, or Windows, using either a GUI or the command line. And they're secure out of the box.' Another good quote: 'If you're a bad guy and you want to frustrate law enforcement, use a Mac.'"
More good quotes... (Score:4, Funny)
"If you're a glutton for punishment type of guy and you want to frustrate yourself, use a Windows based PC."
"If you're a script kiddie and you want to get caught, use a Windows based PC."
Re:More good quotes... (Score:5, Funny)
Re:More good quotes... (Score:5, Funny)
Re:More good quotes... (Score:3, Funny)
Think about it for a minute. A FBI guy being helpful, and openly answering questions.
Obviously, it's disinformation, saying what is exactly opposite to the truth.
This indicates to me VERY strongly that the JBT's have managed to get keylogger software on ALL new Macs, right out of the box.
As IBM compatables come from hundreds of sources, they couldn't possibly install DRM/Keyloggers in all the machines without it being common knowledge; since Mac is single source, it would be pretty easy.
Re:More good quotes... (Score:3, Funny)
I don't use a Tin Foil Hat, that is a concept used to marginalize their critics by the JBT's. besides, I don't need one in my farraday cage.
(it's a joke)
Re:More good quotes... (Score:5, Funny)
This description is especially atrocious.
Re:More good quotes... (Score:5, Insightful)
Re:More good quotes... (Score:4, Insightful)
I've used Linux for a longer time than most of the slashkids in here have known how to read. Like a lot of Linux users, I went through the silly zealot phase, but luckily, matured enough to make my way out of those woods.
NeXTSTEP and then OS X, for me, was Unix without the hassle of Linux. Way too often on Linux, now and then, I spend more time dicking around with the machine- screwing around with libraries, configurations, all sorts of stuff- than I did doing "real work." That was all fine and dandy when I had an abundance of free-time, prime to be wasted. Not to say that learning- especially enjoyable learning- is a waste of time, but for me, configuring, installing, and doing all sorts of other maintenence on my Linux system is about as much fun as maintaining Windows. When I want to work I want it to work. Sometimes, I may go back on the random weekend to do that 'under the hood' stuff, but I don't want to *have to* spend time under the hood just to keep it running.
With OS X, I had the best of both worlds. I had oodles of stuff to tinker with, to my heart's content- and a lot of it is totally new to an old DOS and Linux user, a brave new world full of all sorts of fun stuff. I can go in and spend time under the hood as much as I like. But, when I haven't the time or the desire to do so, it just works.
For those of you with so much free time as "playing around" with Linux constitutes most of what you consider as using your computer- more power to you. Learning is fun and never a waste of time. But for those of us who want the perks provided by Linux or another Unix-like OS but with a number of positive advantages that impact silly things like "productivity", we have OS X.
Re:More good quotes... (Score:4, Insightful)
The thing I did not like was how hard small things were. Changing the font in xterm. Plugging in an external display. Getting the optimal resolution/refresh rate/color scheme. Laying out your desktop and having the OS remember the layout.
Those things are more annoying than they should be but with OSX, it takes a second to change all of the above, and more.
There is value in knowing how a system operates underneath, but wasting endless hours reading xterm man pages and entering font strings into a config only for them to make no difference is a big waste of time.
OSX still lets you play with the internals but also eliminates the useless functionalities.
Re:More good quotes... (Score:5, Informative)
uh oracle runs on OSX. at work, most of us developers have duplicated almost exactly the way our java/servlet/oracle-db-based web application (portal, 5 million unique page views/day, can't tell u more) runs on our sun solaris production boxes, onto our OS X laptops. yes that includes a copy of Oracle which officially supports OS X. mysql works just fine on OS X too. so does postgres. in fact, just about anything written in C [sf.net] and designed to be compiled with gcc works just fine on OS X. Oh, Apple also implemented its own *fast* version of X11 [apple.com]. it's free with your OS. Any Desktop app u can run on linux runs on OS X just fine. yes that includes everything from Gimp, to Gnome and KDE, i mainly just use Gimp, and it's fast.
you want a free video editing software? how about iMovie [apple.com], which smacks the living shit out of anything the open source community has ever dreamt to produce. the whole iLife suite comes for free with ur new mac. Last xmas i made a few videos using my mom's sony handycam, edited them in iMovie, exported them back to tape, no quality loss as u remain in DV format during the entire process. Then used iDVD to create a DVD with 4 movies and an image slideshow created from selecting one of my iPhoto albums within iDVD. Guess how i picked my movie soundtracks in iMovie? by browsing my iTunes library from iMovie and dragging songs onto the iMovie timeline. Did i mention i did all that on the same laptop i use for application development without breaking anything close to a sweat? After my vacation, i use Apple's free Backup.app to back-up all my movies and dvds projects to DVD to keep my hard drive uncluttered before getting back into work. oh and during this whole process i never ever installed a single piece of software. I simply used my operating system and what came with it out of the box.
Every single USB/1.0-2.0 and/or FireWire-400/800 device you can get your hands on is already compatible with OS X. yeah that includes my nifty USB IBM laser mouse, with 2 buttons, a clickable wheel, and another button to the side, all of which i have configured in OS X thru system preferences to trigger various aspects of expose [apple.com]. If you can plug it into your mac, it works. oh and you might have heard of bluetooth? i've got a sony ericsson t610 phone (t-mobile as my carrier, they rock!). i use iSync, a generic Apple-developed sync'ing API to which all PDA makers already adhere, to synchronize my Address Book and Calendar info onto the phone, and vice-versa. it doesn't stop here.
All bluetooth devices work out of the box too. no software installation required, just run the Apple bluetooth wizard for your laptop to register your device and bickity-bam, you're done.
let's talk more about interoperability here. Apple created cute little applications, disconcerting in their simplicity and ease of use: AddressBook.app, Calendar.app. Most of my IM programs automatically interoperate with my address book, so does Apple's Mail.app, my Calendar can subscribe to others' calendars over HTTP thru standard formats, other applications can interact with it as well. They're simple applications as well as powerful open APIs, all of which interoperate with iSync. iSync essentially means you can have your Palm Pilot, your iPod, your bluetooh phone, your online .MAC account, and whatever exotic PDA-ish device you can think of that somehow plugs into or connects to ur mac, all remain in accurate Sync using Apple's iSync. FOR FREE with your OS. In the windows world, such functionality is partly mimicked by 3rd party services such as intellisync that pick the few most popular devices on the market, creates separate conduits for each one, to in the end sell you a solution that allows you to sync a limited set of devices. If more devices come to the market they'll have to update their software, you'll h
Re:More good quotes... (Score:3, Insightful)
Re:More good quotes... (Score:5, Interesting)
Case in point. I dual boot my laptop. I just added a wireless router to my network. I purchased a Wavebuddy PCMCIA card. It came with a CD with both Windows and Linux drivers. Booted into windows, installed the driver, rebooted, inserted the card and I'm browsing the 'net. Total time expended - 15 minutes.
Booted into Linux, and copied the driver to the laptop. It's source code. Run make and then make install. No errors but no card either. Spend two hours going through the readme and trying various things. No card. Get on the net. The Wavebuddy uses an Atmel chip. Find a different driver that's supposed to work. No dice. More research. The 2.6 kernel supports the Atmel chip directly! Well, been wanting to upgrade the kernel anyway. Download the kernel source. Go through the config script. Compile the kernel. Add the new kernel to LILO and reboot. Under the 2.4 kernel, the card does not work but the power light comes on, indicating the card is power up. Under the 2.6 kernel, no power light. Must have missed a configuration there. Maybe the PCMCIA subsystem isn't loading? Will look into that when I get time to get back into it. So far, have invested about fifteen hours over three days and still have no wireless network under Linux.
The install of Linux has gotten much better, as has the hardware detection. System maintenance, however, is still woefully inadequate. And systems do need maintenance. They get updated, hardware gets changed, files get corrupted.
Linux is getting there. But it ain't there yet.
Re:More good quotes... (Score:5, Interesting)
Re:More good quotes... (Score:3, Funny)
Hey, that's not fair! I don't have a goatee.
And by the way, it's not a machiado, it's a macchiato. Just like I have to keep correcting people on the pronunciation of Mac OS X Jaguar! It'
Re:More good quotes... (Score:3, Interesting)
These issues have been covered to death here on slashdot and other places as they arose. In short:
The DHCP issue: DHCP is inherently insecure, it's just a convenience. Apple's auto-discovery of DHCP server is a convenience feature to allow new boxes to be added to a network with minimal configuration. To exploit this your network would already need to be compromised. Which means you've got bigger problems.
The other issues have bee
Re:More good quotes... (Score:3, Informative)
Oh, and your network doesn't need to be compromised if you're on or near a malicious wireless network, as OS X will cheerfully auto-discover that one as well.
It's not some earth shattering "all your base" sort of flaw, but then, there really a
Apple's in the news now... (Score:5, Interesting)
Hmm. Not *precisely* the kind of publicity the Mac folks were probably looking for, but with their marketshare almost any publicity is good publicity. I just think it's cool that all the FBI Infosec guys are on OS X. Makes me feel good about my migration to the platform as well (as soon as Apple posts the much-awaited G5 price adjustment).
I don't quite understand how people are good at mining data off of *nix but not off of a Mac though -- that part didn't make too much sense. I find it hard to believe that the people they were referring to were on OS9, and if they were on OSX then the boxes basically *are* *nix machines...
Re:Apple's in the news now... (Score:3, Insightful)
Re:Apple's in the news now... (Score:5, Informative)
Of course, you CAN do that on a Mac. Very easily. Either by using FileVault (extremely easy--one checkbox) or by using an encrypted disk image (slightly less easy, but still pointy-clicky).
Re:Apple's in the news now... (Score:5, Interesting)
Old tried and tested tools also aren't available. Have a shared libary incompatibility problem? Forget using "ldd" to figure out how to resolve the situation. It just doesn't exist (unless something changed since the original MacOS X release, which is right around when I ran into this troubleshooting problem). From what I eventually learned, a proprietary utility from Apple was required that had equivalent functionality to ldd.
I suppose this was the "securuty" the FBI agent was talking about. If you don't know how to use the system, then you won't be able to figure out how to break into it.
But security through obscurity is a temporary solution at best. Someone, someday, *will* invest the time to figure out the environment. Obscurity will provide no protection whatsoever against individuals or groups who know the system.
Re:Apple's in the news now... (Score:5, Informative)
Re:Apple's in the news now... (Score:5, Interesting)
Is there something about the design of the Mac that makes it harder to sneak in such a Trojan Horse program?
It's easier and it's harder... (Score:5, Interesting)
But then, it's not hard on Windows either.
The trick is in somehow getting the user to install it (usually by running a helper program). In this, OS X mail clients are extremely uncooperative. Pretty much every mail client (including Mail.app), is very clear about what you are getting (and doesn't hide extensions, that's a big one!). Further, when you try and take an attachment it gives you a clear warning of what you are about to do, and makes the default action to save.
So, you don't need root to do it, but fooling your users (especially without some kind of macro in the mail) is much harder on the mac side, because the users get more prompting on the proper response to untrusted email attachments.
It's amazing how far a dialog box will go, eh?
Re:Apple's in the news now... (Score:5, Informative)
Obviously you've never heard of the Unix Rosetta Stone [bhami.com]. It's certainly the case that you don't know all Unix systems by knowing one. However, I found when I learned my second Unix system, that I understood much better what made it "Unix" as opposed to Solaris, Linux, BSD, whatever. Flexibility is hard, but worth learning.
Re:Apple's in the news now... (Score:3, Informative)
Re:Apple's in the news now... (Score:5, Informative)
No, but you can easily install most of your favorite GNU and Open Source tools. Just use Fink [sourceforge.net]. It's a very easy-to-use package management system based on Debian's apt-get.
That way you don't have to "Forget using "ldd" to figure out how to resolve the situation.".
Re:Apple's in the news now... (Score:5, Interesting)
And yes the gov't has leveraged Microsoft guys to help investigate hacks and such.
Re:Apple's in the news now... (Score:5, Informative)
If you're from linux, be aware that this is BSDish and linux tends towards the sysV style of things. I migrated my personal settings from my linux box and sync them regularly with *no* effort. Just copy vimrc, bashrc, etc.
It is very much unixlike. The file system, even. Yes, the apple stuff is in a seperate place. They keep it out of the unix tree cause it is distinctly non-unixlike. Really, the biggest difference I noticed is that there is no
The naming conventions are UNIX and MAC. what did you expect but a combination? Mac OS X currently ships with an X server that can run fullscreen or managed as apple windows (I use both on different occasions). It's relatively stable, as fast as linux, and very very convenient.
Does it integrate perfectly? no. But it is certainly good enough for everyday use. I use a mac laptop and a headless linux machine. I run apps over X forwarding *all the time* with no trouble, as well as run things like gimp and gnome locally.
Install fink and it gets even more unix-y, if that is what you want. Most common unix apps are available and easy to install using fink, of course even without that, you're stil running something that's very very BSDish.
I think the FBI man was speaking of a few things-
-Auto hard disk encryption at the click of a button makes it too easy for someone engaged in illegal activities to hide their tracks.
-Macs resemble unix machines in many many ways and I'd imagine it's hard to tell the difference over a network at first glance.
-Their equipment is probably not well equipped for HFS+ yet. That will take little time as darwin is open source and supports it (via changes that apple folded in) and it should be simple to use that code in order to make support for other operating systems, if they are so inclined.
Parent obviously is not aware of the realities of Mac OS X today. It practically
Brian
Re:Apple's in the news now... (Score:3, Funny)
otool instead of ldd (Score:3, Informative)
Mac OS X has otool(1), specifically otool -L, and it's been in Mac OS X since the beginning. See the man page for more details. This is no more security by obscurity than a Windows developer not knowing about ldd.
otool is a bit more flexible than ldd, since ldd requires that you actually execute the code in question and watches what gets loaded. otool lo
Re:otool instead of ldd (Score:4, Insightful)
Run most Linux distributions 'strace ldd
fork() = 3828
rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
--- SIGCHLD (Child exited) ---
wait4(-1, [WIFEXITED(s) && WEXITSTATUS(s) == 0], WNOHANG, NULL) = 3828
and
97444 ldd CALL fork
97444 ldd RET fork 97445/0x17ca5
97444 ldd CALL wait4(0xffffffff,0xbfbff580,0,0)
97444 ldd RET wait4 97445/0x17ca5
respectively, well after the ldd binary is loaded (you can see it in the full strace/ktrace output).
From FreeBSD's ldd:
case 0:
if (is_shlib == 0) {
execl(*argv, *argv, (char *)NULL);
warn("%s", *argv);
} else {
It runs the binary with a special environment variable which tells the dynamic loader to just spit out the library list. The code that does that is in
In regards to shared libraries, it uses dlopen instead of running the library - on FreeBSD.
Re:Apple's in the news now... (Score:3, Informative)
You're not quite correct. Like I said, this was due to a troubleshooting problem. Your assertion is proven false simply because I had to learn this stuff to troubleshoot a problem with shared library compatibility problems.
2. ldd is hardly universal.
Show me an operating system that *doesn't* have ldd as a utility. Other than MacOS X. I know AIX, Solaris, Linux, HP-UX support that utility. I'm not
Do be a tad careful... (Score:5, Informative)
The rest of the *NIX development world would be much nicer if they adopted a similar scheme.
Standard shared object libraries in OS X are just that, and are subject to all the pitfalls normally found... ohh.. except one. Since Apple uses a two-level namespace scheme, you see name collisions less. Oh, and they do prebinding very aggressively.
It's pretty much a superior setup to the average linux world. But then, we paid for something besides just iCandy, right?
Show me a reason why OS X should have ldd when the superior otool exists. C'mon! To make you feel more comfortable? To make you feel more loved?
Dude, if you're a developer doing cross platform development, then turn around and complain how annoyed you were at not finding ldd, discontinue cross-platform development. If you can't even be bothered to check the unix rosetta stone for something that simple, then you're not the kind of battle-hardened, talented person that is required to do real cross-platform development.
Perhaps you were just porting? Still no sympathy. Learn your target platform. It's not even like it's hard anymore! You have libtool [gnu.org], autoconf [gnu.org] and automake [gnu.org] these days. Cross platform development is actually feasible these days, albeit difficult!
Even with services running, it's harder to break into a mac. Apple's security update scheme is extremely aggressive. This is especially true when dealing with holes in trusted services like SSH and Apache.Re: IRIX != Solaris != HPUX != AIX != SCO != OS X (Score:5, Informative)
You can easily see who's related to who. I might note that Solaris is much further from what we modernly call BSD than some of the others you named. I won't speak of IRIX, but AIX is a weird kind of BSD variant, as is HPUX. OSX is very very close to FreeBSD.
Re: IRIX != Solaris != HPUX != AIX != SCO != OS X (Score:3, Funny)
"Huh. QNX. SCO. BSD. Uhh... OW!"
Re:Apple's in the news now... (Score:5, Informative)
ipconfig and ifconfig. underneath everything is darwin. all the gui apps are is front ends for command line utils. even all the netinfo functions, (ni*) are all command line functions. i won't get into the whole "is os x unix " flame war, however, it seems to me that the *nix way for most gui config tools is to be simply a front end for command line apps. in fact, when you buy os x server, you are really buying the config and monitoring tools. even apple pimps the fact that if you are a unix savy cli guru, you won't need all the gui tools. and if you are, than you can run all the servers off of plain ole' panther.
Re:Apple's in the news now... (Score:5, Informative)
Of course, NTFS also allows for encrypted files.. Though, I've never seen any details about how good it is.
In OS X, it's a simple system preferences option to enable this feature.
Re:Apple's in the news now... (Score:4, Insightful)
Re:Apple's in the news now... (Score:3, Informative)
loop-aes still the best (Score:3, Informative)
Re:Apple's in the news now... (Score:5, Funny)
> enforcement, use a Mac."
Great. Now using a Mac will be considered to be probable cause.
And apparently so too are Canadians... (Score:5, Funny)
Re:And apparently so too are Canadians... (Score:3, Funny)
According to the CIA factbook, it's actually industrial machinery. Canada's major exports are (in order) motor vehicles and parts, industrial machinery, aircraft, telecommunications equipment; chemicals, plastics, fertilizers; wood pulp, timber, crude petroleum, natural gas, electricity, aluminum
Canada is also the USA's largest trading partner by a wide margin, accounting for 23% of all US exports and 18% of all US imports. The next most
Re:Apple's in the news now... (Score:5, Funny)
good news...bad (Score:3, Interesting)
Years ago, British Leyland ran a full page ad in the Times, apologizing for the efficiency of the Land Rover, and how it was supposedly enabling poachers in Africa to stay one step ahead of the law. Rovers still rule, and Macs will continue as well.
Just remember, the best way to live outside the law is to stay within it.
Re:Apple's in the news now... (Score:4, Interesting)
Well, except they don't (usually) use a UFS formatted drive, they use HFS+, which is a totally different animal. Yes you can install OS X on a UFS partition, but many apps will not run on a drive formatted as such. I suspect what he was referring to is the lack of a data mining program written for HFS+.
Apple "frustrates" law enforcement? (Score:3, Interesting)
My question; If the Computer Security team at the FBI uses alot of Macs, wouldn't you think
Re:Apple's in the news now... (Score:4, Interesting)
Know of any other UNIX-like operating system that uses HFS+?
When I first read the article, that's what I assumed that he meant, also. That, and Open Firmware passwords, + now FileVault, make it pretty hard to get my data without getting a password from me.
It's the HFS+ and I would assume the lack of PPC compatible forensic utilities that make this difficult. Even if OS X =Unix, if the tool you care to use you don't have the source for, and it's not in general release, you can't just recompile it.
Now I hate my new
Re:Apple's in the news now... (Score:3, Insightful)
In a forensic environment, which was what this article was discussing, the examiner has to get past my login to get my data. so whie it might be easy to get me to run code that breaks my encryption, it's harder to get someone else to do it.
And, btw, these recent "email virus" things demonstrate nothing about how secure OS X is; it's harder to get OS X to run arbitrary attachments as binaries, simply because the mail client doesn't allow random attachments to have execute privileges.
Perhaps other agencies as well.... (Score:5, Interesting)
Re:Perhaps other agencies as well.... (Score:5, Funny)
Forget Macs... (Score:3, Insightful)
Well Duh (Score:3, Funny)
Gee, I wonder how all these horrible viruses, worms, etc. can spread so fast.
. . . most ordinary computer users have no idea about what security means. They don't practice secure computing because they don't understand what that means.
Oh. *smacks head*
Apple dot edu (Score:5, Funny)
Shoulda taken the blue pill.
Re:Apple dot edu (Score:3, Funny)
Comment removed (Score:5, Informative)
Re:Apple dot edu (Score:5, Interesting)
Damn thing took 13 Critical Updates/Service Packs before it was done. (WinXP) Then she proceeded to check her email, which she had not checked for 4 days becuase she was on the road. Her email in box had 126 copies of MyDoom.A in it.
She had only had the computer for less than 3 hours since purchase, not even finished setting the fucking thing up, and she had to update the OS 13 times and had 126 viruses in her email. And this without any doing on her part.
Thats pretty fucking sad. I'm glad I got my G5. Everything a bit more relaxed. :)
So.. (Score:5, Funny)
Re:So.. (Score:5, Funny)
Vendor Integrity? (Score:3, Insightful)
You can't get better promotion than this (Score:5, Funny)
The benefits of relative obscurity (Score:5, Interesting)
It's always been my experience that the guys are hot on Windows, pretty good on *nix, but very very few know anything about Macs -- my guess because of their law enforcement background, where they used and were trained on PCs.
A predominant amount of their work seems to be recreating or capturing MS Outlook mailboxes (looking for the smoking guns). They aren't as cluey on Eudora (presumably because most corporate enterprises don't use it).
Small market share means that the majority of people focus on the system(s) that form the majority of OS/apps used -- a trait which appears to extend to law enforcement and makers of forensic programs. But the really good professionals are always interested in asking "so just how does this work on a mac" and discussing the similarities/differences...
But seriously . . . (Score:3, Insightful)
1) Watch TV (lord knows what . . .)
2) drink some booze and hang with the buddies
3) read about Internet Security so he doesn't go around speading some damn garbage around to everyone else.
Numbers one and two likely describe your average user, number three is generally the type of person reading slashdot. I guess we need to get security "cool" now for people to take notice.
somebody should send this... (Score:5, Interesting)
I don't recall his name, but I remember the sensationalist tone of his article, the minimal facts, and the gloating that Windows was no longer alone in being vulnerable. It's probably asking a bit much for him to read the article without his "I Love Windows Blindly" hat on, but maybe he (and others whose love of bashing the Mac seems to exceed anyone else's love of anything, including the so-called "Mac zealots") might be begin to accept reality.
You probably mean (Score:3, Informative)
I find it somewhat amusing that he harps on and on and on about the slightest little problem with any other platform -- particularly the mac -- but has almost completely ignored the latest couple of mail worms pestering his platform-of-choice.
Re:You probably mean (Score:3, Informative)
My experience with law enforcement... (Score:5, Insightful)
In the past, I could send them detailed logs, including TCP dumps, of people controlling DDOS networks, threatening people, bragging about committing DDOS. And nothing would happen. More recently, a friend of mine had serious threats to her and her child from a stalker - who authorities proceeded to track to Atlanta. But they seemed to miss the fact that he was repeatedly coming from a dialup IP address in Toronto.
Law enforcement on the internet needs to be put into the hands of a capable multinational group with laws that are defined to cross boarders. Until then, DDOS kiddies will still be running around quite loudly proclaiming their existance.
I *heart* OSX (Score:5, Interesting)
As far as Linux distros go, Yellow Dog Linux runs very nicely on most older Macs.. but as of yet there is no support for the Radeon 9600 in my book. Text is fine for most stuff but I'd love to run KDE or Gnome in Yellow Dog.
Anyway, I think Apple's got a real opportunity. The Virginia Tech cluster shows their potential and this article is good PR, despite the "frustrate law enforcement" comment. Seeing a room full of Powerbooks at NASA was pretty cool, too.
Less of a target != less secure (Score:5, Informative)
I love how people always seem to think that there are fewer vulnerabilities simply because the mac has a much smaller market share. Sure, it makes sense unless you're actually paying attention. Yes, Apple has had to issue some security updates recently. No, Mac OS X is not perfect. But it beats the hell out of operating systems that ship with holes so big you can drive a truck through with room to spare.
The first thing you have to do when you install the OS is create a user account and a new password. Macs ship with most services disabled by default, and they've got a point-and-click firewall that can be enabled in a matter of seconds. Macs are not secure because no one uses them. They are secure because they do not make the same common mistakes that Microsoft seems to do constantly. They're secure because you don't hear about huge break-ins, loss of data, or life-threatening situations caused by failed security systems. And they're secure because the folks that depend most upon security seem to turn their head more and more these days towards that odd fruit on the other side of the fence. The fact that Apple has issued patches recently is not a red flag. Everyone has to patch their OS. It would be a red flag if they hadn't patched it in a timely manner, like some others that we always seem to hear about.
Of course, they're expensive as all hell, and their isn't enough software for them, but that's another story. ;-)
Re:Less of a target != less secure (Score:5, Informative)
Re:Less of a target != less secure (Score:3, Funny)
Of course, they're expensive as all hell
PC viruses spawn $55 billion loss in 2003" [com.com]
You can pay a little more now for secure systems, or you can pay a lot later to clean up the mess when every Swiss cheese Windows box on your LAN gets assraped because one moron in your company can't resist clicking on every attachment in their Outlook inbox.
Sensationalism (Score:4, Insightful)
Seriously, to me this sounds like sensationalism. Like, a good sound byte to attract attention. If you tell people that things are worse than they could ever imagine, you're not going to do much except scare people. And most of the time it's not that bad.
I'd like to think that (like most slashdotters) I'm not unaware of what goes on in the "computer underground". I'm not in it, but it's not like I'm ignorant of the fact that it exists. The tools on packetstorm are enough to scare any non-tech person into submission, if they knew what they could do, yet I don't lose sleep over it.
I'd like to think that, while there are lots of "dumb" users out there, there are a lot of us tech guys, the guys behind the switches and administering the servers, who are looking out for them, much like shepards.
There are a couple of simple rules to follow:
1.) If it's on the internet, it can be hacked.
2.) If it's backed up, it can be restored.
3.) If it's patched, it's less likely to be exploited.
4.) Ease of use and security are inversely proportional.
I don't resent people like my mom who wouldn't know spyware from cookware. I do what I can for her, computer wise. And she cooks for me when I come home. I consider it an even trade.
~Will
Re:Sensationalism (Score:3, Insightful)
Aha! (Score:5, Funny)
Nice try Mr. FBI man! This is just a thinly veiled plot!
1) Tell public to use FBI to foil law enforcement.
2) ???
3) Profi^WProsecute!
Someone hand me my tinfoil hat, I'm off to search for nsa_key in Darwin.
Macs for Crooks (Score:5, Interesting)
LK
Well I don't really give a fuck if you believe me (Score:3, Insightful)
Post misrepresents the facts (Score:5, Informative)
from article: "many of the computer security folks back at FBI HQ use Macs running OS X, since those machines can do just about anything: run software for Mac, Unix, or Windows, using either a GUI or the command line. And they're secure out of the box."
The post quote implies that all FBI computer security agents, or at least the majority, use Macs. The second quote, from the actual article, implies that only some unspecified number of FBI computer secuirty agents use Macs. Please don't butcher wuotes to mislead.
Word from the other side (Score:4, Informative)
I am an expert witness who works against these (FBI) guys in criminal cases. They have a whole division of the D.C. computer forensics office dedicated to Macs. A stock question they ask in trial is "OK, general computer forensics dude, what percentage of your time is spent working with Macs?" For most general security experts, this is 10-20%. Then they pull somebody out who does nothing but analyze Macs.
rant (maybe) (Score:3, Interesting)
Macs are shipped with a relatively high level of security in that things (servers/daemons) are turned off by default.
The most significant security hole in OS X (IMHO) for a non-server perspective was the DHCP hijacking. This was a local subnet potential exploit that one should take very seriously, but not one to affect most people.
It is very likely that the FBI agent computers that run MacOS X are used for things like e-mail, web browsing, generating documents (Word and Acrobat), PowerPoint presentations, and other normal business applications. There is also the probability that they are used to run more specialized Window and Unix based applications.
Duh, the agent said that MacOS X was used because they can run these types of programs. One computer, many applications. Side-note: I use OS X because I have to use MS Office, Acrobat, Illustrator, X11, Motif, OpenGL, write programs in C/C++ using X11, OpenGL, and X11, perl, Tkl, as well as others. I want one computer to use, not two or three.
Going back to security, the last significant Mac based problem was the Autostart worm that went around some years ago. This flaw was due to QuickTime automatically starting an application when a CD was inserted in one's computer. This is no longer a problem, AFAIK.
I work in a heterogeneous computer environment. Windows (95 to XP), UNIX (IRIX, Solaris, HP-UX), Mac (OS 9 to X), and VMS (sob). Except for VMS, the Mac OS based systems are the easiest to maintain with regard to network security.
Finally, the FBI needs to get more experience with HFS+ file systems. If they the requisit experience and knowledge, then says to me that the FBI agents using OS X are using their systems to do more mundane things like generating documents, reading e-mail, etc... Then again, this might be a lesson that others should consider.
Adjust Your Deflector Beanie! (Score:3, Funny)
Sure, right. That's what he wants you to think!
Dave Thomas (Score:4, Funny)
Take off, eh? (Score:3, Funny)
He must have been the other Dave Thomas [youhoser.com]!
Okay! That's my post, so good day, eh?
alarmed but not alert (Score:5, Funny)
I'd tell the server guys but they use Linux so you can't trust them not to 0wn your box...
In-fact they could be watching what I'm typing right now... AHHH... one's walking over this way...
[good - I hid under my desk and he seems to have gone away... I think I'll make a break for it]
If this message gets through the web of proxies set to trap and stop my messages... send help..
The MAC (Score:3, Funny)
bad guys (Score:3, Funny)
And i was thinking bad guys always used 3D interfaces with lots of moving things in the background typing commands like "send worm" "hack 127.0.0.1" etc.
I am a security threat (Score:3, Funny)
Re:Security by Obscurity? (Score:5, Insightful)
Bullshit. Market share has nothing to do with it. There's at least as many Apache-based servers out there as IIS, but there are like 2 Apache worms.
And frankly, there are enough Mac-haters around that surely some would like to take Apple down a peg via a virus or some sort of exploit in OS X. How come it's never happened? How come in three years there hasn't been a single OS X virus discovered?
Apple have had several fixes just in the last few months fixing remote root access vulnerabilities.
Yeah, and the difference is, they were found and fixed without being maliciously exploited. Most of them were very unlikely to be exploited anyway, or were found in services that were off by default. The last one I heard about would allow a brand new machine to get owned if a rogue DHCP server happened to be sitting on the LAN. Yeah, that's likely to happen.
Contrast this with Windows, where shit is wide open by default, and the first anyone hears about a hole is usually when it has already brought the internet to a crawl. Not that patches for exploits do any good when people don't apply them-- I just took a look in my firewall logs, and I'm still getting Nimda and Code Red infection attempts.
Another clueless anti-mac guy (Score:5, Interesting)
One of the nice things about the Mac is that most of the services are shipped off by default - like SSHD. So even if a hole is discovered in a service, not EVERYONE is going to be vulnerable by default without taking specific action.
Re:Security by Obscurity? (Score:5, Informative)
1. Windows defaults to let users run as root. Neither Mac OS X nor Linux do that.
2. (already noted) Macs ship with most ports shut down.
3. BSD has been combed over for years, and many eyes have searched for vulnerabilities. A lot have already been solved. Nobody can look at Windows code.
4. Macs have fewer application vulnerabilities (because unlike Windows, most applications can't make root system calls and run programs as root (for example, MS Outlook).
Sorry to be repetitive.
Bzzzt. Wrong. (Score:5, Informative)
Honestly, the security by obscurity thing has been disproven so many times, in so many ways for Mac OS X that I find it impossible that you're unaware. Granted, Mac OS X has security issues patches, but don't make me get into the horrid falacy: "macs are just as insecure as any other OS." They are, by design, far more secure. The exploits possible on a PC are not possible on a Mac due to Outlook, IE, messenger services, etc.
Seriously. Thanks for a good laugh. In case you're missing out on the needed information, here it is. This article sums it up very well.
http://www.theregister.co.uk/content/4/34554.ht
Re:Security by Obscurity? (Score:5, Informative)
In theory you are right, the vunerabilitys in Outlook could apply to any Unix mail client. In practice they don't though. All unix mailers that I know of (pine, mutt, kmail, and so on) do not by default run programs they get from email. You might be able to configure kmail to do so, but it isn't the default. I'm sure that some mailers considered it, but once outlook got exploited a few times they re-considered. (I have no idea why Microsoft still hasn't).
If that isn't enough for you, most unix systems allow the sysadmin to prevent the user from running arbitary programs. If the sysadmin didn't install it you can't run it, (just mount /home and /tmp with -noexec) after which time you just make sure that the installed mail clients don't allow scripts. Okay, it is slightly more complex than that, but a good sysadmin can deal with it. AFAIK, Windows doesn't have this ability so an admin can't lock things down this way.
Re:Not secure out of the box (Score:5, Informative)
Apple has also been doing unix since 1987 (if I have my years correct) with it's first release of A/UX, a product they supported for almost 10 years afterwards, and through three versions. If that's counted along with their work on NeXTSTEP->OSX, then that's 17 straight years of UNIX experience within the company.
Re:Not secure out of the box (Score:3, Informative)
Re:Security by Obscurity? (Score:5, Informative)
It's not too unlike how genetic variation limits the spread of real viruses.
Re:death before Mac (Score:4, Informative)
PSA -- Mac keyboards are very handy on a PC. They will detect in XP as a Mac USB Keyboard, and will run without having to install any additional drivers.
The only unfortunate thing, Mac designed them for little girl's fingers, so there are no gaps between the function keys. But the feedback is amazingly light, lighter than any PC keyboard I tried during my visits to CompUSA and MicroCenter. Not bad, at all, for $60. There is also no funky side-crunch. You know, like on the MS ergonomic keyboards from a couple of years ago. You can hit any part of the key and it still presses silently and smoothly.
My next plan is to put a couple of blue LEDs under the acrylic on the bottom. Since it's clear, it should illuminate very well.
New Mac commercial starring bin Laden (Score:5, Funny)
Re:Just what we needed (Score:3, Funny)
Good God, man, you're right! How have I missed it all these years.... That explains why they chose BSD for the core of OS X too; the logo.
Re:Price (Score:3, Interesting)
Re:Wasn't there a brief time (Score:3, Informative)
Re:Wasn't there a brief time (Score:3, Informative)