New To Mac-Forums?

Welcome to our community! Join the discussion today by registering your FREE account. If you have any problems with the registration process, please contact us!

Get your questions answered by community gurus Advice and insight from world-class Apple enthusiasts Exclusive access to members-only contests, giveaways and deals

Join today!

 
Start a Discussion
 

Mac-Forums Brief

Subscribe to Mac-Forums Brief to receive special offers from Mac-Forums partners and sponsors

Join the conversation RSS
Apple Rumors and Reports Discuss what's going on with Apple in this forum

MBA hacked in 2 minutes while Vista and Ubuntu stand strong


Post Reply New Thread Subscribe

 
Thread Tools
fleurya

 
fleurya's Avatar
 
Member Since: Nov 18, 2006
Location: Anytown, USA
Posts: 4,922
fleurya is a name known to allfleurya is a name known to allfleurya is a name known to allfleurya is a name known to allfleurya is a name known to allfleurya is a name known to allfleurya is a name known to all
Mac Specs: 27" iMac 2.7GHz Core i5, iPhone 4S, 3rd gen iPad

fleurya is offline
http://crave.cnet.com/8301-1_105-9905095-1.html

Hackers were able to gain access to a Macbook Air in 2 minutes by exploiting a Safari weakness and getting a user to connect with a malicious site. Luckily it was part of a competition where the actual method is only disclosed to Apple. But what's worse; the fact that a Mac was hacked, or that Vista couldn't not be?

"Give so much time to the improvement of yourself that you have no time to criticize others"
QUOTE Thanks
MacGal

 
MacGal's Avatar
 
Member Since: Mar 28, 2008
Location: In the USA
Posts: 27
MacGal is on a distinguished road
Mac Specs: MacBook Pro

MacGal is offline
Yeeiiiks!!! That is really scary! And I thought that my Mac was safe from things like that.

Seriously, it makes the news when a Mac gets hacked into because it is such a rare occurrence. Windows computers get hacked every day and the media doesn't pay any attention because it happens all the time.

I still think that Macs are the more secure systems.
QUOTE Thanks
D3v1L80Y

 
D3v1L80Y's Avatar
 
Member Since: Feb 02, 2004
Location: PA
Posts: 12,459
D3v1L80Y has a reputation beyond reputeD3v1L80Y has a reputation beyond reputeD3v1L80Y has a reputation beyond reputeD3v1L80Y has a reputation beyond reputeD3v1L80Y has a reputation beyond reputeD3v1L80Y has a reputation beyond reputeD3v1L80Y has a reputation beyond reputeD3v1L80Y has a reputation beyond reputeD3v1L80Y has a reputation beyond reputeD3v1L80Y has a reputation beyond reputeD3v1L80Y has a reputation beyond repute
Mac Specs: MacBook

D3v1L80Y is offline
Quote:
Originally Posted by fleurya View Post
But what's worse; the fact that a Mac was hacked, or that Vista couldn't not be?
Again, same as last year's fiasco of fallacies.... nothing was "hacked".

Quote:
Originally Posted by article
No one was able to execute code on any of the systems on Wednesday, the first day of the contest, when hacks were limited to over-the-network techniques on the operating systems themselves. But on the second day, the rules changed to allow attacks delivered by tricking someone to visit a maliciously crafted Web site, or open an e-mail.
That isn't hacking, that is social engineering. Take note, that no person was able to actually 'hack' into the Mac until the rules were changed. Just like last year. They couldn't touch the Mac until the rules were changed and severely improbable situations were allowed to take place.

This story is nothing more than sensationalism. Use buzzwords like "hack" and a new product release with as much pomp and fanfare as the MacBook Air... and, well... you get the picture. It's just fodder for fanboyz.

__________________________________________________
Posting and YOU|Forum Community Guidelines|The Apple Product Cycle|Forum Courtesy

mac: a waterproof raincoat made of rubberized fabric
MAC: a data communication protocol sub-layer, also known as the Media Access Control
Mac: a brand name which covers several lines of personal computers designed, developed, and marketed by Apple Inc.

QUOTE Thanks
fleurya

 
fleurya's Avatar
 
Member Since: Nov 18, 2006
Location: Anytown, USA
Posts: 4,922
fleurya is a name known to allfleurya is a name known to allfleurya is a name known to allfleurya is a name known to allfleurya is a name known to allfleurya is a name known to allfleurya is a name known to all
Mac Specs: 27" iMac 2.7GHz Core i5, iPhone 4S, 3rd gen iPad

fleurya is offline
The rules were tweaked, but opening a website isn't anything extraordinary. Many hacks are perpetuated by people getting lured into connecting with a malicious site or opening a malicious email. If that's all that's required to let someone into my computer, it does make me sit up and pay a little attention.

"Give so much time to the improvement of yourself that you have no time to criticize others"
QUOTE Thanks
Gbeav

 
Member Since: Jan 01, 2008
Location: Calgary
Posts: 99
Gbeav is on a distinguished road
Mac Specs: 2.16 Macbook

Gbeav is offline
I hope they shut this stuff down quick. Safari has become my browser of use.
QUOTE Thanks
andersmj

 
andersmj's Avatar
 
Member Since: Nov 25, 2007
Posts: 51
andersmj is on a distinguished road

andersmj is offline
Quote:
Originally Posted by D3v1L80Y View Post
Take note, that no person was able to actually 'hack' into the Mac until the rules were changed. Just like last year. They couldn't touch the Mac until the rules were changed and severely improbable situations were allowed to take place.
Unfortunately this is something Windoze users really like to just overlook when they see news like this (and it p****s me off) and then have a bash at our choice of computer/OS.

Notice that the article says that the judges were tricked into visiting this website with the attack code, but I guess that was what you meant with this not being hacking, but social engineering.

.
QUOTE Thanks
jram

 
jram's Avatar
 
Member Since: Apr 08, 2005
Posts: 472
jram is a jewel in the roughjram is a jewel in the rough

jram is offline
Before the exploit could be executed, did OS X ask for a password?
QUOTE Thanks
giulio

 
giulio's Avatar
 
Member Since: Mar 19, 2007
Location: NY USA
Posts: 1,813
giulio is just really nicegiulio is just really nicegiulio is just really nicegiulio is just really nice
Mac Specs: iMac 5.1 | iMac 7.1 | iPod Touch | iPod Nano

giulio is offline
OSX is not the weakness. It's Safari/Webkit that failed. Since Apple followed Microsoft and made a rendering engine part of the OS, it looks like OSX as a whole is vulnerable.

PS:
http://www.mac-forums.com/forums/sho...ostcount623629

schweb This has to be one of the best threads ever in MF history...
Cherokee This gets my vote for most innovative thread on Mac-Forums... ever.
QUOTE Thanks
sanity1082

 
sanity1082's Avatar
 
Member Since: Jun 17, 2007
Posts: 882
sanity1082 has a spectacular aura about
Mac Specs: macbook/iphone/ipod nano/ipod shuffle

sanity1082 is offline
i think it is funny how the windows and the ubantu hardware isnt mentioned but the fact it is a mba came up several times
QUOTE Thanks
D3v1L80Y

 
D3v1L80Y's Avatar
 
Member Since: Feb 02, 2004
Location: PA
Posts: 12,459
D3v1L80Y has a reputation beyond reputeD3v1L80Y has a reputation beyond reputeD3v1L80Y has a reputation beyond reputeD3v1L80Y has a reputation beyond reputeD3v1L80Y has a reputation beyond reputeD3v1L80Y has a reputation beyond reputeD3v1L80Y has a reputation beyond reputeD3v1L80Y has a reputation beyond reputeD3v1L80Y has a reputation beyond reputeD3v1L80Y has a reputation beyond reputeD3v1L80Y has a reputation beyond repute
Mac Specs: MacBook

D3v1L80Y is offline
Quote:
Originally Posted by andersmj View Post
Notice that the article says that the judges were tricked into visiting this website with the attack code
They weren't even tricked. They were told to go to the website. There was no trickery involved here.

Quote:
Originally Posted by jram View Post
Before the exploit could be executed, did OS X ask for a password?
The use of Antivirus is recommended

__________________________________________________
Posting and YOU|Forum Community Guidelines|The Apple Product Cycle|Forum Courtesy

mac: a waterproof raincoat made of rubberized fabric
MAC: a data communication protocol sub-layer, also known as the Media Access Control
Mac: a brand name which covers several lines of personal computers designed, developed, and marketed by Apple Inc.

QUOTE Thanks
gunnerjoe

 
gunnerjoe's Avatar
 
Member Since: Dec 24, 2004
Location: Albuquerque
Posts: 75
gunnerjoe is on a distinguished road
Mac Specs: Macbook Pro 17" Quad i7, MacMini Quad i7 , 16gb ram on both. IPad 4th Gen. IPhone 4S

gunnerjoe is offline
Quote:
Originally Posted by D3v1L80Y View Post
Again, same as last year's fiasco of fallacies.... nothing was "hacked".

That isn't hacking, that is social engineering. Take note, that no person was able to actually 'hack' into the Mac until the rules were changed. Just like last year. They couldn't touch the Mac until the rules were changed and severely improbable situations were allowed to take place.

This story is nothing more than sensationalism. Use buzzwords like "hack" and a new product release with as much pomp and fanfare as the MacBook Air... and, well... you get the picture. It's just fodder for fanboyz.
Well he owns a new laptop either way. When he can take full control of the system that's not good, no matter how he did it. Visiting a malicious website is something that can happen to a lot of people. Mac users (my self included) can be a little cocky, and we just got B%$#$ slapped, learn to live with it .

Joe
QUOTE Thanks
Brown Study

 
Brown Study's Avatar
 
Member Since: Mar 11, 2004
Location: Winnipeg
Posts: 1,964
Brown Study is a name known to allBrown Study is a name known to allBrown Study is a name known to allBrown Study is a name known to allBrown Study is a name known to allBrown Study is a name known to allBrown Study is a name known to all
Mac Specs: G4 Tiger and OS 9

Brown Study is offline
Quote:
Originally Posted by gunnerjoe View Post
Mac users (my self included) can be a little cocky, and we just got B%$#$ slapped, learn to live with it .
Quote:
Originally Posted by MacGal View Post
Yeeiiiks!!! That is really scary! And I thought that my Mac was safe from things like that.
Being b%$#$ slapped is more likely if the person is relatively new to Macintosh after switching from Windows.

Those who have used Macs for years some approaching decades and who might have never used Windows are not among the Windows shell-shocked. They are not b%$#$ slapped and they don't live with it.

This stunt is as old as the Mac platform. Even pre-OS X, when "exploits" were reported and real viruses were possible and a new one was discovered, the trumpets would blare, the flags would unfurl and fingers would point as the doze crowd crowed, despite 100,000 viruses for doze vs. 52 or 84 or whatever the final tally is for pre-OS X.

And pre-X, when an exploit was reported, came the same result with the same aftermath the exploit was contrived when it wasn't fiction. And there's nothing like a well-publicized event complete with prizes to make the doze crowd crane their necks and rub their hands together in anticipation of watching the walls of Jericho tumble down.

It never happens. This stunt was as contrived as last year's stage-managed farce. This year's was a lesson in social engineering. Next year's, if it happens, probably will be a lesson in hacking with a hammer and chisel.

It's an annual affair because if it was held any more often, even the crickets would be silent. It takes a year to work out another attack after the defences have been lowered before the press sees something else shiny and/or heads for the bar.

I'm going back to sleep.

Real radios glow in the dark.
QUOTE Thanks
giulio

 
giulio's Avatar
 
Member Since: Mar 19, 2007
Location: NY USA
Posts: 1,813
giulio is just really nicegiulio is just really nicegiulio is just really nicegiulio is just really nice
Mac Specs: iMac 5.1 | iMac 7.1 | iPod Touch | iPod Nano

giulio is offline
So what if 'hacked' is the wrong term. A machine should not be compromised just by visiting a webpage. That's just ridiculous. Apple deserves all the trumpet blaring and attention.
QUOTE Thanks
jaynorris

 
jaynorris's Avatar
 
Member Since: Jun 15, 2006
Posts: 87
jaynorris is on a distinguished road

jaynorris is offline
Either some people are just ignorant to the facts, or plain blind. Regardless how the hack was pitched it still worked. Yeah so, it was crafted as a social engineered attempted. The results and the out come was the same. We all know Windows is vulnerable, what's the joy in reporting old news, and who really cares anymore... It's not new. Apple exploits on another had are more exciting because it's die hard users act like it's impenetrable. Please... Reality check... Even if the OS is secure, the applications running on it could have a vulnerabilities to allow escalated assess.

Now I credit Apple. They are pretty fast in fixing these holes when they get wind of them. So while todays hackers show off at security conferences, it allows Apple to fix them and closing the doors for leveraged malicious use.

Also I read Apple has risen in market share... What is it now? Anyone? I think I read today it's just over 15% from about 8% last year. Yeah... Give it a few more years. Change is coming... Just understand while there's really nothing to do today, tomorrow might be different.


"Know the enemy and know yourself; in a hundred battles you will never be in peril. When you are ignorant of the enemy, but know yourself, your chances of winning or losing are equal. If ignorant both of your enemy and yourself, you are certain in every battle to be in peril." - Sun Tzu ("Art of War")
QUOTE Thanks
hagen

 
Member Since: Feb 22, 2006
Posts: 39
hagen is on a distinguished road
Mac Specs: Intel mini early 2011 4GB

hagen is offline
Can someone explain to me how visiting a website constitutes being "tricked" or "lured"?

Nothing I've seen yet suggests it was "social engineering", if that term means tricking the user into doing something stupid or unusual. Visit a website, get infected, pwned, hacked, whatever.

IOW, a drive-by.
QUOTE Thanks

Post Reply New Thread Subscribe


« iTunes might turn subscription... | Mac Clone: The Thick Plottens »
Thread Tools

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off
Forum Jump

Similar Threads
Thread
Thread Starter
Forum
Replies
Last Post
Can I put Vista, Ubuntu, and Mac OS on my computer Historia Running Windows (or anything else) on your Mac 12 03-02-2007 03:44 AM
XP, Vista, Ubuntu and then back home Kenotic Switcher Hangout 20 03-02-2007 02:29 AM

All times are GMT -4. The time now is 12:26 PM.

Powered by vBulletin
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
X

Welcome to Mac-Forums.com

Create your username to jump into the discussion!

New members like you have made this community the ultimate source for your Mac since 2003!


(4 digit year)

Already a member?