Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
Security Businesses OS X Operating Systems Apple

FBI Agent Talks Crime, Macs 654

hype7 writes "There's an article at SecurityFocus describing a visit an FBI agent to Washington University. His visit was ostensibly about computer security and the general public's complete lack of any idea on computer security whatsoever: 'I have spent a considerable amount in the computer underground and have seen many ways in which clever individuals trick unsuspecting users. I don't think most people have a clue just how bad things are.' His talk ranged from some of the pranks he's seen played on unsuspecting users, to Eastern European extortion of big banks." WeakGeek added, "FBI security guys are using Macs because, 'those machines can do just about anything: run software for Mac, Unix, or Windows, using either a GUI or the command line. And they're secure out of the box.' Another good quote: 'If you're a bad guy and you want to frustrate law enforcement, use a Mac.'"
This discussion has been archived. No new comments can be posted.

FBI Agent Talks Crime, Macs

Comments Filter:
  • by R33MSpec ( 631206 ) * on Thursday January 29, 2004 @09:37PM (#8130852) Homepage
    More good quotes:

    "If you're a glutton for punishment type of guy and you want to frustrate yourself, use a Windows based PC."

    "If you're a script kiddie and you want to get caught, use a Windows based PC."

    • by Anonymous Coward on Thursday January 29, 2004 @09:54PM (#8131001)
      "If you're a sadist/masochist when it comes to everyday uses for your PC, use a Linux based PC.
    • Duh. Guys.
      Think about it for a minute. A FBI guy being helpful, and openly answering questions.
      Obviously, it's disinformation, saying what is exactly opposite to the truth.
      This indicates to me VERY strongly that the JBT's have managed to get keylogger software on ALL new Macs, right out of the box.
      As IBM compatables come from hundreds of sources, they couldn't possibly install DRM/Keyloggers in all the machines without it being common knowledge; since Mac is single source, it would be pretty easy.
    • by binarybum ( 468664 ) on Thursday January 29, 2004 @11:39PM (#8131724) Homepage
      how about: "if you're an illiterate fool post to slashdot-- or become a /. editor"

      This description is especially atrocious.
  • by danielrm26 ( 567852 ) * on Thursday January 29, 2004 @09:37PM (#8130853) Homepage
    "If you're a bad guy and you want to frustrate law enforcement, use a Mac."

    Hmm. Not *precisely* the kind of publicity the Mac folks were probably looking for, but with their marketshare almost any publicity is good publicity. I just think it's cool that all the FBI Infosec guys are on OS X. Makes me feel good about my migration to the platform as well (as soon as Apple posts the much-awaited G5 price adjustment).

    I don't quite understand how people are good at mining data off of *nix but not off of a Mac though -- that part didn't make too much sense. I find it hard to believe that the people they were referring to were on OS9, and if they were on OSX then the boxes basically *are* *nix machines...
    • I think the prob is they haven't yet gotten all the protocol worked out on this... the hfs+ file system causes some problems. Really they can boot those Macs into firewire target disk mode and dump em quite easily. Maybe an Open Firmware password is blocking that, there's steps to disable this also, perhaps it's just fear of the unknown. ;-) I think most of the criminals they run into are running Windows or Linux, price reasons and such... parents basements. ;-)
      • by Anonymous Coward on Thursday January 29, 2004 @10:14PM (#8131154)
        Um... duh? If you have physical access to ANY computer, you can get at the information on it. The only exception is a system in which all the data on the disk is encrypted.

        Of course, you CAN do that on a Mac. Very easily. Either by using FileVault (extremely easy--one checkbox) or by using an encrypted disk image (slightly less easy, but still pointy-clicky).
    • by Surazal ( 729 ) on Thursday January 29, 2004 @09:49PM (#8130954) Homepage Journal
      I have minimal experience with the new MacOS X, but what little I know is enough to convince me that MacOS X is "different" enough to confuse even experienced Unix users. The directory structure is vastly different in a number of ways, and the GUI isn't X. It's really what Unix would have looked like if we lived in an alternate universe and the naming conventions were wildly different.

      Old tried and tested tools also aren't available. Have a shared libary incompatibility problem? Forget using "ldd" to figure out how to resolve the situation. It just doesn't exist (unless something changed since the original MacOS X release, which is right around when I ran into this troubleshooting problem). From what I eventually learned, a proprietary utility from Apple was required that had equivalent functionality to ldd.

      I suppose this was the "securuty" the FBI agent was talking about. If you don't know how to use the system, then you won't be able to figure out how to break into it.

      But security through obscurity is a temporary solution at best. Someone, someday, *will* invest the time to figure out the environment. Obscurity will provide no protection whatsoever against individuals or groups who know the system.
      • by aurum42 ( 712010 ) on Thursday January 29, 2004 @10:02PM (#8131066)
        The tool you want is "otool" (with -l) - and sources are available, and it comes standard with the system (possibly with developer tools, but that comes in the standard package).
      • by LostCluster ( 625375 ) * on Thursday January 29, 2004 @10:04PM (#8131080)
        Most of the cops-catch-bad-guy-via-computer-hack stories have involved the cops having a trusted friend send a greeting-card-ish program that installs a key logger which eventually grabs the password and suddenly all is decrypted.

        Is there something about the design of the Mac that makes it harder to sneak in such a Trojan Horse program?
        • by Paradox ( 13555 ) on Thursday January 29, 2004 @11:50PM (#8131793) Homepage Journal
          Well, to actually implement a semi-global keylogger in OS X is trivial. You simply put an appropriate .bundle in ~/Library/InputManagers . No root required. Every subsequent program opened will (attempt) to link and run this code. Since .bundles can be versioned, you can even make a platform-specific version.

          But then, it's not hard on Windows either.

          The trick is in somehow getting the user to install it (usually by running a helper program). In this, OS X mail clients are extremely uncooperative. Pretty much every mail client (including Mail.app), is very clear about what you are getting (and doesn't hide extensions, that's a big one!). Further, when you try and take an attachment it gives you a clear warning of what you are about to do, and makes the default action to save.

          So, you don't need root to do it, but fooling your users (especially without some kind of macro in the mail) is much harder on the mac side, because the users get more prompting on the proper response to untrusted email attachments.

          It's amazing how far a dialog box will go, eh? :)
      • by More Trouble ( 211162 ) on Thursday January 29, 2004 @10:18PM (#8131179)
        Old tried and tested tools also aren't available.

        Obviously you've never heard of the Unix Rosetta Stone [bhami.com]. It's certainly the case that you don't know all Unix systems by knowing one. However, I found when I learned my second Unix system, that I understood much better what made it "Unix" as opposed to Solaris, Linux, BSD, whatever. Flexibility is hard, but worth learning.

        :w
      • ldd is called "otool -L" on OS X. Hope that helps.
      • by ImTwoSlick ( 723185 ) on Thursday January 29, 2004 @10:45PM (#8131359)
        Old tried and tested tools also aren't available.

        No, but you can easily install most of your favorite GNU and Open Source tools. Just use Fink [sourceforge.net]. It's a very easy-to-use package management system based on Debian's apt-get.
        That way you don't have to "Forget using "ldd" to figure out how to resolve the situation.".

      • by TheGrayArea ( 632781 ) <graymc@@@cox...net> on Thursday January 29, 2004 @10:47PM (#8131373) Homepage
        When I used to work at Microsoft one of the guys from my team moved over to the Security Response team (yea, he was busy as hell). He would give classes to FBI and other gov't type guys on computers and security. He had these hillarious stories about having to teach some of the guys to use a mouse and giving them the 5'th grade definition of "internet" so they'd understand it.
        And yes the gov't has leveraged Microsoft guys to help investigate hacks and such.
      • by zorander ( 85178 ) on Thursday January 29, 2004 @11:16PM (#8131570) Homepage Journal
        Guess what? Different unixes have different dynamic linkers. This is no big surprise.

        If you're from linux, be aware that this is BSDish and linux tends towards the sysV style of things. I migrated my personal settings from my linux box and sync them regularly with *no* effort. Just copy vimrc, bashrc, etc.

        It is very much unixlike. The file system, even. Yes, the apple stuff is in a seperate place. They keep it out of the unix tree cause it is distinctly non-unixlike. Really, the biggest difference I noticed is that there is no /lib. So what, they decided to keep libraries in /usr/lib? this doesnt really present too much of a problem, as it takes about five seconds to notice and adjust to that.

        The naming conventions are UNIX and MAC. what did you expect but a combination? Mac OS X currently ships with an X server that can run fullscreen or managed as apple windows (I use both on different occasions). It's relatively stable, as fast as linux, and very very convenient.

        Does it integrate perfectly? no. But it is certainly good enough for everyday use. I use a mac laptop and a headless linux machine. I run apps over X forwarding *all the time* with no trouble, as well as run things like gimp and gnome locally.

        Install fink and it gets even more unix-y, if that is what you want. Most common unix apps are available and easy to install using fink, of course even without that, you're stil running something that's very very BSDish.

        I think the FBI man was speaking of a few things-
        -Auto hard disk encryption at the click of a button makes it too easy for someone engaged in illegal activities to hide their tracks.
        -Macs resemble unix machines in many many ways and I'd imagine it's hard to tell the difference over a network at first glance.
        -Their equipment is probably not well equipped for HFS+ yet. That will take little time as darwin is open source and supports it (via changes that apple folded in) and it should be simple to use that code in order to make support for other operating systems, if they are so inclined.

        Parent obviously is not aware of the realities of Mac OS X today. It practically ./configure ; make; make install's out of box. It's posix compliant, it comes with X, etc...

        Brian

      • Unix Guy: Man WTF? Wheres /bin and /sbin? There's stuff like "applications" and "settings"... What in the hell does THAT mean?
      • otool instead of ldd (Score:3, Informative)

        by plsuh ( 129598 )

        Forget using "ldd" to figure out how to resolve the situation. It just doesn't exist (unless something changed since the original MacOS X release,...

        Mac OS X has otool(1), specifically otool -L, and it's been in Mac OS X since the beginning. See the man page for more details. This is no more security by obscurity than a Windows developer not knowing about ldd.

        otool is a bit more flexible than ldd, since ldd requires that you actually execute the code in question and watches what gets loaded. otool lo

    • by -tji ( 139690 ) on Thursday January 29, 2004 @09:56PM (#8131015) Journal
      OS X 10.3 has a feature called "File Vault" that encrypts your home dir with 128 bit AES.. Maybe that's what he is referring to.

      Of course, NTFS also allows for encrypted files.. Though, I've never seen any details about how good it is.

      In OS X, it's a simple system preferences option to enable this feature.
    • by sg3000 ( 87992 ) * <(sg_public) (at) (mac.com)> on Thursday January 29, 2004 @10:09PM (#8131116)
      > "If you're a bad guy and you want to frustrate law
      > enforcement, use a Mac."

      Great. Now using a Mac will be considered to be probable cause.
    • by vicparedes ( 701354 ) on Thursday January 29, 2004 @10:15PM (#8131161)
      By and large, law enforcement personnel in American end up sending impounded Macs needing data recovery to the acknowledged North American Mac experts: the Royal Canadian Mounted Police. Evidently the Mounties have built up a knowledge and technique for Mac forensics that is second to none.
      I suppose this makes Mac Data recovery Canada's 2nd largest export.
      • I suppose this makes Mac Data recovery Canada's 2nd largest export

        According to the CIA factbook, it's actually industrial machinery. Canada's major exports are (in order) motor vehicles and parts, industrial machinery, aircraft, telecommunications equipment; chemicals, plastics, fertilizers; wood pulp, timber, crude petroleum, natural gas, electricity, aluminum

        Canada is also the USA's largest trading partner by a wide margin, accounting for 23% of all US exports and 18% of all US imports. The next most

    • by chill ( 34294 ) on Thursday January 29, 2004 @10:36PM (#8131301) Journal
      He mean "frustrate" in the sense that when the cop tries to do forensic analysis and hit cheat sheet says "right click"...
    • good news...bad (Score:3, Interesting)

      by djupedal ( 584558 )
      Hmm. Not *precisely* the kind of publicity the Mac folks were probably looking for, but with their marketshare almost any publicity is good publicity.

      Years ago, British Leyland ran a full page ad in the Times, apologizing for the efficiency of the Land Rover, and how it was supposedly enabling poachers in Africa to stay one step ahead of the law. Rovers still rule, and Macs will continue as well.

      Just remember, the best way to live outside the law is to stay within it.
    • by ruiner13 ( 527499 ) on Thursday January 29, 2004 @10:57PM (#8131441) Homepage
      "I don't quite understand how people are good at mining data off of *nix but not off of a Mac though -- that part didn't make too much sense. I find it hard to believe that the people they were referring to were on OS9, and if they were on OSX then the boxes basically *are* *nix machines..."

      Well, except they don't (usually) use a UFS formatted drive, they use HFS+, which is a totally different animal. Yes you can install OS X on a UFS partition, but many apps will not run on a drive formatted as such. I suspect what he was referring to is the lack of a data mining program written for HFS+.

    • Did any one else (who actually read the article) find these two quotes incongruous?

      "If you're a bad guy and you want to frustrate law enforcement, use a Mac.... They just don't know how to recover data on them."

      "many of the computer security folks back at FBI HQ use Macs running OS X, since those machines can do just about anything: run software for Mac, Unix, or Windows, using either a GUI or the command line."

      My question; If the Computer Security team at the FBI uses alot of Macs, wouldn't you think

  • by BWJones ( 18351 ) * on Thursday January 29, 2004 @09:39PM (#8130866) Homepage Journal
    I am not really surprised that the FBI security guys use OS X boxes. Years ago I remember another government agency with a three letter acronym that used NeXT boxes it seemed almost exclusively from the situation rooms right down to the secretaries (at least in Langley).

  • Forget Macs... (Score:3, Insightful)

    by herrvinny ( 698679 ) on Thursday January 29, 2004 @09:42PM (#8130887)
    ...what about BeOS? BSD?
  • Well Duh (Score:3, Funny)

    by aynrandfan ( 687181 ) on Thursday January 29, 2004 @09:42PM (#8130892)

    Gee, I wonder how all these horrible viruses, worms, etc. can spread so fast.

    . . . most ordinary computer users have no idea about what security means. They don't practice secure computing because they don't understand what that means.

    Oh. *smacks head*

  • by morelife ( 213920 ) <f00fbugNO@SPAMpostREMOVETHISman.at> on Thursday January 29, 2004 @09:44PM (#8130906)
    Steve Jobs is smarter than Bill Gates. Not only is he giving discounted hardware and software to educational institutions k12 on up, he's found another entrance vector through which to enhance the brainwashing - send in an Agent with a "Macs are more secure, too" line.

    Shoulda taken the blue pill.
    • If Steve is so much smarter, then how did Bill manage to overtake him selling inferior software on inferior hardware at higher prices?
  • So.. (Score:5, Funny)

    by iswm ( 727826 ) on Thursday January 29, 2004 @09:45PM (#8130914) Homepage
    I guess that explains why they use Macs in Hackers.
  • Vendor Integrity? (Score:3, Insightful)

    by Anonymous Coward on Thursday January 29, 2004 @09:46PM (#8130931)
    I would not trust an "out of the box" install of any OS.
  • by malus ( 6786 ) on Thursday January 29, 2004 @09:49PM (#8130953) Journal
    I can see the headline on drudge now, "Terrorists Prefer Apple"
  • by siliconbunny ( 632740 ) on Thursday January 29, 2004 @09:49PM (#8130956)
    As a lawyer, I work with computer forensic people (mostly ex cops) in getting electronic material to use in lawsuits.

    It's always been my experience that the guys are hot on Windows, pretty good on *nix, but very very few know anything about Macs -- my guess because of their law enforcement background, where they used and were trained on PCs.

    A predominant amount of their work seems to be recreating or capturing MS Outlook mailboxes (looking for the smoking guns). They aren't as cluey on Eudora (presumably because most corporate enterprises don't use it).

    Small market share means that the majority of people focus on the system(s) that form the majority of OS/apps used -- a trait which appears to extend to law enforcement and makers of forensic programs. But the really good professionals are always interested in asking "so just how does this work on a mac" and discussing the similarities/differences...

  • by aynrandfan ( 687181 ) on Thursday January 29, 2004 @09:51PM (#8130971)
    What the hell would J. Sixpack rather do:

    1) Watch TV (lord knows what . . .)

    2) drink some booze and hang with the buddies

    3) read about Internet Security so he doesn't go around speading some damn garbage around to everyone else.

    Numbers one and two likely describe your average user, number three is generally the type of person reading slashdot. I guess we need to get security "cool" now for people to take notice.

  • by kaan ( 88626 ) on Thursday January 29, 2004 @09:58PM (#8131042)
    ... to that PC World bonehead who wrote an article about OS X being "just as insecure as Windows" because somebody discovered a remote exploit (where "remote" meant "on the same lan as your machine").

    I don't recall his name, but I remember the sensationalist tone of his article, the minimal facts, and the gloating that Windows was no longer alone in being vulnerable. It's probably asking a bit much for him to read the article without his "I Love Windows Blindly" hat on, but maybe he (and others whose love of bashing the Mac seems to exceed anyone else's love of anything, including the so-called "Mac zealots") might be begin to accept reality.
    • You probably mean (Score:3, Informative)

      by The Fink ( 300855 )
      ... Paul [winsupersite.com] Thurrott [internet-nexus.com], the world's greatest (in a secondary sense, at least) Windows sympathizer.

      I find it somewhat amusing that he harps on and on and on about the slightest little problem with any other platform -- particularly the mac -- but has almost completely ignored the latest couple of mail worms pestering his platform-of-choice.

  • by epiphani ( 254981 ) <epiphani@dal . n et> on Thursday January 29, 2004 @09:59PM (#8131046)
    is that they are technologically impaired halfwits. If they would accually take the time to hire *real* computer experts, maybe they would have a little bit more success in stopping something.

    In the past, I could send them detailed logs, including TCP dumps, of people controlling DDOS networks, threatening people, bragging about committing DDOS. And nothing would happen. More recently, a friend of mine had serious threats to her and her child from a stalker - who authorities proceeded to track to Atlanta. But they seemed to miss the fact that he was repeatedly coming from a dialup IP address in Toronto.

    Law enforcement on the internet needs to be put into the hands of a capable multinational group with laws that are defined to cross boarders. Until then, DDOS kiddies will still be running around quite loudly proclaiming their existance.

  • I *heart* OSX (Score:5, Interesting)

    by joshua404 ( 590829 ) on Thursday January 29, 2004 @10:03PM (#8131078)
    I'm a senior admin with a big company, specializing in Windows based systems. My day to day PC is a 15" Powerbook. I can use the Microsoft RDP client to log into any of the Win servers, SSH to log into the Unix stuff and can pretty much do my job with no hiccups or workarounds. The only exception is that Entourage has weak MS Exchange support, so I'm typically using webmail. With Fink installed I have basic tools like nmap and ethereal at my disposal. My only real gripe is that Apple and Broadcam don't open up access to the network hardware.. Being able to put my NICs into promiscuous mode would be a big help. There's a workaround - I could get an Orinoco or Aironet PCMCIA card.. but I'd prefer to use the integrated hardware.

    As far as Linux distros go, Yellow Dog Linux runs very nicely on most older Macs.. but as of yet there is no support for the Radeon 9600 in my book. Text is fine for most stuff but I'd love to run KDE or Gnome in Yellow Dog.

    Anyway, I think Apple's got a real opportunity. The Virginia Tech cluster shows their potential and this article is good PR, despite the "frustrate law enforcement" comment. Seeing a room full of Powerbooks at NASA was pretty cool, too.
  • by ezraekman ( 650090 ) on Thursday January 29, 2004 @10:04PM (#8131079) Homepage

    I love how people always seem to think that there are fewer vulnerabilities simply because the mac has a much smaller market share. Sure, it makes sense unless you're actually paying attention. Yes, Apple has had to issue some security updates recently. No, Mac OS X is not perfect. But it beats the hell out of operating systems that ship with holes so big you can drive a truck through with room to spare.

    The first thing you have to do when you install the OS is create a user account and a new password. Macs ship with most services disabled by default, and they've got a point-and-click firewall that can be enabled in a matter of seconds. Macs are not secure because no one uses them. They are secure because they do not make the same common mistakes that Microsoft seems to do constantly. They're secure because you don't hear about huge break-ins, loss of data, or life-threatening situations caused by failed security systems. And they're secure because the folks that depend most upon security seem to turn their head more and more these days towards that odd fruit on the other side of the fence. The fact that Apple has issued patches recently is not a red flag. Everyone has to patch their OS. It would be a red flag if they hadn't patched it in a timely manner, like some others that we always seem to hear about.

    Of course, they're expensive as all hell, and their isn't enough software for them, but that's another story. ;-)

    • by blackmonday ( 607916 ) * on Thursday January 29, 2004 @10:51PM (#8131404) Homepage
      Apple offers $800 laptops and $600 desktops with an included monitor (at the Apple Store special deals section - thats an everyday price not an educational deal). That is not expensive as hell, its actually quite cheap comparing the hardware / software package included. Troll Apple all you want, but their prices are quite reasonable. Have you spec'd out a top of the line G5 against a top of the line Dell? Do your homework, kid.

  • Sensationalism (Score:4, Insightful)

    by zerocool^ ( 112121 ) on Thursday January 29, 2004 @10:05PM (#8131084) Homepage Journal
    I have spent a considerable amount in the computer underground and have seen many ways in which clever individuals trick unsuspecting users. I don't think most people have a clue just how bad things are.

    Seriously, to me this sounds like sensationalism. Like, a good sound byte to attract attention. If you tell people that things are worse than they could ever imagine, you're not going to do much except scare people. And most of the time it's not that bad.

    I'd like to think that (like most slashdotters) I'm not unaware of what goes on in the "computer underground". I'm not in it, but it's not like I'm ignorant of the fact that it exists. The tools on packetstorm are enough to scare any non-tech person into submission, if they knew what they could do, yet I don't lose sleep over it.

    I'd like to think that, while there are lots of "dumb" users out there, there are a lot of us tech guys, the guys behind the switches and administering the servers, who are looking out for them, much like shepards.

    There are a couple of simple rules to follow:
    1.) If it's on the internet, it can be hacked.
    2.) If it's backed up, it can be restored.
    3.) If it's patched, it's less likely to be exploited.
    4.) Ease of use and security are inversely proportional.

    I don't resent people like my mom who wouldn't know spyware from cookware. I do what I can for her, computer wise. And she cooks for me when I come home. I consider it an even trade.

    ~Will

  • Aha! (Score:5, Funny)

    by Dalcius ( 587481 ) on Thursday January 29, 2004 @10:09PM (#8131120)
    "If you're a bad guy and you want to frustrate law enforcement, use a Mac."

    Nice try Mr. FBI man! This is just a thinly veiled plot!

    1) Tell public to use FBI to foil law enforcement.
    2) ???
    3) Profi^WProsecute!

    Someone hand me my tinfoil hat, I'm off to search for nsa_key in Darwin.
  • Macs for Crooks (Score:5, Interesting)

    by Lord Kano ( 13027 ) on Thursday January 29, 2004 @10:15PM (#8131159) Homepage Journal
    Back when I was a youngster and I did things that were in a legal "gray area", I almost always used a Mac. FWB's Hard Disk Toolkit included transparent HD encryption.

    LK
  • by Thaidog ( 235587 ) <slashdot753@nym.hush. c o m> on Thursday January 29, 2004 @10:18PM (#8131184)
    ...but just because it's open source does not just mean that it's "secure". Actually... because some software is hacked and patched and exposed to a massive amounts of people... it gets more focus and makes it better software. Perhaps a mac *is* more sercure becuase open source software is made and used by more "hakers"... but that remains to be seen. And no I don't care what you think. Thanks, have a great day. The more you hack me the more I find out.
  • by geekee ( 591277 ) on Thursday January 29, 2004 @10:25PM (#8131241)
    from post: "WeakGeek added, "FBI security guys are using Macs because, 'those machines can do just about anything: run software for Mac, Unix, or Windows, using either a GUI or the command line. And they're secure out of the box.' "

    from article: "many of the computer security folks back at FBI HQ use Macs running OS X, since those machines can do just about anything: run software for Mac, Unix, or Windows, using either a GUI or the command line. And they're secure out of the box."

    The post quote implies that all FBI computer security agents, or at least the majority, use Macs. The second quote, from the actual article, implies that only some unspecified number of FBI computer secuirty agents use Macs. Please don't butcher wuotes to mislead.
  • by lone_marauder ( 642787 ) on Thursday January 29, 2004 @10:26PM (#8131247)
    If you're a bad guy and you want to frustrate law enforcement, use a Mac.

    I am an expert witness who works against these (FBI) guys in criminal cases. They have a whole division of the D.C. computer forensics office dedicated to Macs. A stock question they ask in trial is "OK, general computer forensics dude, what percentage of your time is spent working with Macs?" For most general security experts, this is 10-20%. Then they pull somebody out who does nothing but analyze Macs.
  • rant (maybe) (Score:3, Interesting)

    by craw ( 6958 ) on Thursday January 29, 2004 @10:51PM (#8131405) Homepage
    First, I read this article when it came out and was noted on macintouch. It is obvious that the author has respect for the FBI agent. And if you read articles posted on securityfocus, this is not always the case when it comes to people in the government.

    Macs are shipped with a relatively high level of security in that things (servers/daemons) are turned off by default.

    The most significant security hole in OS X (IMHO) for a non-server perspective was the DHCP hijacking. This was a local subnet potential exploit that one should take very seriously, but not one to affect most people.

    It is very likely that the FBI agent computers that run MacOS X are used for things like e-mail, web browsing, generating documents (Word and Acrobat), PowerPoint presentations, and other normal business applications. There is also the probability that they are used to run more specialized Window and Unix based applications.

    Duh, the agent said that MacOS X was used because they can run these types of programs. One computer, many applications. Side-note: I use OS X because I have to use MS Office, Acrobat, Illustrator, X11, Motif, OpenGL, write programs in C/C++ using X11, OpenGL, and X11, perl, Tkl, as well as others. I want one computer to use, not two or three.

    Going back to security, the last significant Mac based problem was the Autostart worm that went around some years ago. This flaw was due to QuickTime automatically starting an application when a CD was inserted in one's computer. This is no longer a problem, AFAIK.

    I work in a heterogeneous computer environment. Windows (95 to XP), UNIX (IRIX, Solaris, HP-UX), Mac (OS 9 to X), and VMS (sob). Except for VMS, the Mac OS based systems are the easiest to maintain with regard to network security.

    Finally, the FBI needs to get more experience with HFS+ file systems. If they the requisit experience and knowledge, then says to me that the FBI agents using OS X are using their systems to do more mundane things like generating documents, reading e-mail, etc... Then again, this might be a lesson that others should consider.
  • by Guppy06 ( 410832 ) on Thursday January 29, 2004 @11:05PM (#8131499)
    "If you're a bad guy and you want to frustrate law enforcement, use a Mac."

    Sure, right. That's what he wants you to think!
  • Dave Thomas (Score:4, Funny)

    by 77Punker ( 673758 ) <(spencr04) (at) (highpoint.edu)> on Thursday January 29, 2004 @11:07PM (#8131511)
    I always knew there was a connection between Wendy's and the FBI.
  • by Jotham ( 89116 ) on Thursday January 29, 2004 @11:28PM (#8131653)
    Quick! - what's the FBI's number -- I found them in my very own company! -- I always knew the graphics department were up to no good -- dressing above their income in those european clothes - and insisting on only using Macs - and I've seen them, caught them! making websites!

    I'd tell the server guys but they use Linux so you can't trust them not to 0wn your box...
    In-fact they could be watching what I'm typing right now... AHHH... one's walking over this way...

    [good - I hid under my desk and he seems to have gone away... I think I'll make a break for it]

    If this message gets through the web of proxies set to trap and stop my messages... send help..
  • The MAC (Score:3, Funny)

    by katalyst ( 618126 ) on Thursday January 29, 2004 @11:52PM (#8131803) Homepage
    just got cooler eh? But, they definitely didn't feature macs in the Matrix, did they? :D
  • bad guys (Score:3, Funny)

    by manon ( 112081 ) <<slashdot> <at> <menteb.org>> on Friday January 30, 2004 @07:35AM (#8133655) Homepage Journal
    "FBI security guys are using Macs because, 'those machines can do just about anything: run software for Mac, Unix, or Windows"

    And i was thinking bad guys always used 3D interfaces with lots of moving things in the background typing commands like "send worm" "hack 127.0.0.1" etc.
  • by immel ( 699491 ) on Friday January 30, 2004 @07:39AM (#8133668)
    Well no wonder I am considered a security threat just for using Macs!
    Once at ASU, I was using their mac terminals to get some new VIS images of Mars. I overheard the security guys saying: "oh come on, these kiddies were weaned on windows; none of them know UNIX!" Being a long time mac user, I (stupidly) said "I know UNIX!" And was labeled a security threat. (Fortunately, they were out of the "I am a security threat" Tshirts that day)

If all else fails, lower your standards.

Working...