jewels

I always feel safe on my iMac G4.

Until now.

My 14 year-old daughter did something silly that a specific group took personally and they've put out an alert that her "doors are open". One person did post a direct threat (I did report that) to get her ISP (what she said/did wasn't illegal, she broke a non-published rule and doesn't mind being banned if that's the consequence). She claims that they've hacked into other kids' computers and is totally petrified.

Can they hurt Mac? I'm on a Comcast connection using the built-in ethernet. A local password is required through our router for the other computers to log onto our connection (I think?). I'm fairly computer-savvy but not very knowledgeable about networks and Airport, but am not sure if I need to be further protected.

Any Mac advice? Thank you in advance.

__________________
We are always more anxious to be distinguished for a talent which we do not possess, than to be praised for the fifteen which we do possess.
Mark Twain

Willravel

If you're worried about your IP, just download Peer Guardian and run it when you're browsing (or using p2p or torrents). They will not be able to get your IP address.

They almost certainly can't hack into your G4. Mac OS =! Windows OS.

Edit: To put it in perspective, the FBI, CIA, and NSA are more likely to be successfully hacked than my or your Mac.

RonRyan85

Anything is possible in the computer jungle but after buying an iMAC
I was asking the same questions about if any viruses were attacking
the Apple computers. I was told there were no viruses known effecting
Apple computers NOW. There is a free program called "CLAM Xav" you
can download off the net. (Just google the name).

I do have a problem with my iMAC. It's a 20" one and has been working
fine for several months but lately I get Email messages with only the "TO
and From" visable. After reloading the iMac with the operating system CD
then everything is back to normal when the Email is checked again.
Anybody know what is wrong?

Willravel

RonRyan, which application were you using to view your mail? Macmail? Entourage? Thunderbird? A browser?

Baraka_Guru

I'm not sure about active targeting, but the company I work for has spent hours browsing on a Mac version of Internet Explorer no longer supported by Microsoft. This on old G4s. Never in the 4+ years have we had a single problem with viruses, trojans, DOS attacks, what have you.

I wouldn't be worried about it. Most people don't know how to launch OS X's file system locally let alone aggressively access it remotely.

__________________
Knowing that death is certain and that the time of death is uncertain, what's the most important thing?
—Bhikkhuni Pema Chödrön

Humankind cannot bear very much reality.
—From "Burnt Norton," Four Quartets (1936), T. S. Eliot

jewels

Thank you SOOO much, WR and BG! I downloaded and activated the Peer Guardian as soon as I saw your post, Will.

You guys are the best!

__________________
We are always more anxious to be distinguished for a talent which we do not possess, than to be praised for the fifteen which we do possess.
Mark Twain

Willravel

No problema. The proof of PeerGuardian was when MSD asked me why I had 900 IPs in the past month I'd used to visit TFP.

BTW, lemme know who threatened her. A Mac may be impossible to get into but even a noob like me can get into many Windows machines.

ratbastid

I don't understand that at all. PeerGuardian downloads a list of the IPs of remote hosts known to be associated with the (MAF)IAA, major software companies, etc--people that might have an interest in you providing P2P downloads of their "intellectual property"--and blocks them from making UDP or TCP connections with your computer so they can't see what you're sharing. It doesn't do anything to anonymize your activities. And I can't see that it would help at all with some random rabble of script kiddies on some BB somewhere, unless they've risen to the level of prominence that would have them on PeerGuardian's blacklist, which seems very unlikely to me.

Willravel

Huh, maybe ask MSD.

spindles

In theory there are just as many security leaks in Mac OS as there are in windows. Why aren't they exploited, you ask? It is all about bang for your buck - there are *more* windows machines, therefore an exploit causes more damage/havoc.

The fact of having Anti-virus scanners for Mac points to the ability to have compromised systems and means (IMO) that of course you can be hacked.

__________________
who hid my keyboard's PANIC button?

Willravel

Apple offered $25,000 for anyone who could hack Mac OS X. The offer was open for something like 2.5 years. Not one person collected. There was a rumor of a hydra, but it was debunked.

BTW, Mac controls about 15% of the laptop market.

ratbastid

No, that's evidence that software companies that can make money off paranoid people.

I used Windows for years and years, and I never bought a virus scanner. If you know what you're doing, you can stay clean--YOU'RE always the one to infect your own machine, at the end of the day.

Mephex

That's really all there is to it, the new OS X (BSD) is extremely secure. I've been running BSD on my servers for years.

However whether it's Windows or Unix, it still comes down to the person behind the keyboard, determining how they will compromise their security.

__________________
He who is void of virtuous attachments in private life is, or very soon will be, void of all regard for his country.
There is seldom an instance of a man guilty of betraying his country, who had not before lost the feeling of moral obligations in his private connections.
-Samuel Adams

Cynthetiq

Looks like you've used dialups and a few different ISPs I assume that includes your office's ISPs as well.

As far as spoofing your IP address PeerGuardian does nothing of the sort, when I use PG I can't connect to work when I was as Viacom, or my present employer since both are on the list.

There are programs that can provide that type of security of changing your IP address, but I won't go into it here. You are welcome to PM me if you are so concerned about your IP.

IMO you really have little to worry about. Idle spoken threats of people who have seen too many movies.

__________________
I don't care if you are black, white, purple, green, Chinese, Japanese, Korean, hippie, cop, bum, admin, user, English, Irish, French, Catholic, Protestant, Jewish, Buddhist, Muslim, indian, cowboy, tall, short, fat, skinny, emo, punk, mod, rocker, straight, gay, lesbian, jock, nerd, geek, Democrat, Republican, Libertarian, Independent, driver, pedestrian, or bicyclist, either you're an asshole or you're not.

Willravel

There should be two comps: this one and the one at work. I've not used dial up for years.

Apologies about PG, misunderstood that.

ubertuber

Mac's are quite secure against viruses for the time being. That's partially due to the lower market share and partially due to the underpinnings of the OS. However, you are absolutely vulnerable to trojans. Moral of story: be absolutely sure that you know what you download and what you install.

__________________
Cogito ergo spud -- I think, therefore I yam

spindles

I think you answered your own point If you know what you're doing, you can stay clean - it is a big assumption that the average end user knows what they are doing


which is not to say there aren't holes (people discover new things all the time...) or that there are no trojans (as ubertuber pointed out) that run on it.

__________________
who hid my keyboard's PANIC button?

ubertuber

Well, trojans and viruses are really different -- it's just our lazy use of terminology that conflates them. A trojan has nothing to do with the vulnerability of the system, it relies on the ignorance of the user. A virus exploits weaknesses in the operating system or applications for malicious intent without necessarily having to exploit the user's ignorance or mistakes.

It is striking that while people have taken the time to develop trojans for OS X there have been no viruses of consequence. In fact, the fact that people have taken time to develop trojans undermines the classic argument that there are no viruses for OS X because the market share is too small for anyone to care. If anything, I'd figure that the prominence or "prestige" acquired by writing the first real OS X virus of consequence would be a big draw. Either it isn't, or doing such a thing is harder with macs.

That said, Jewels, you should go into the sharing preference pane in system preferences and ensure that the OS firewall is enabled and that the only sharing items you have checked off are the ones that you want to be open.

__________________
Cogito ergo spud -- I think, therefore I yam

jewels

Thank you, firewalls have been up and armed always.

At least the PeerGuard will let me know if anyone's attempted access, ya? It does offer to show me a list of blocked addresses.

BTW, most frequenters of this site are not kids. But Mac appearss fine and unintruded this morning.

__________________
We are always more anxious to be distinguished for a talent which we do not possess, than to be praised for the fifteen which we do possess.
Mark Twain

Cynthetiq

PG will only show attempted scans of the blacklisted IPs which are entertainment and media companies.

Firewall logs would show if anyone attempts access.

I can say that if you look at your logs you will ALWAYS see someone trying to access your computers. Hackers tend to look for IP addresses with port 21 open because that designates a potential FTP site.

So you'll have a self fulfilling prophecy if you look at your logs, it doesn't necessarily mean it was these individuals.

__________________
I don't care if you are black, white, purple, green, Chinese, Japanese, Korean, hippie, cop, bum, admin, user, English, Irish, French, Catholic, Protestant, Jewish, Buddhist, Muslim, indian, cowboy, tall, short, fat, skinny, emo, punk, mod, rocker, straight, gay, lesbian, jock, nerd, geek, Democrat, Republican, Libertarian, Independent, driver, pedestrian, or bicyclist, either you're an asshole or you're not.

Shauk

Macs

Aren't

Special



at the end of a day, a computer is a computer, they're all vulnerable in some way or another. It just takes someone who's smart and has a reason to hack you to make it happen.

Baraka_Guru

This is true...though I think you mean to say: Macs aren't invulnerable.

If Macs weren't special, there would be no reason to buy one.

__________________
Knowing that death is certain and that the time of death is uncertain, what's the most important thing?
—Bhikkhuni Pema Chödrön

Humankind cannot bear very much reality.
—From "Burnt Norton," Four Quartets (1936), T. S. Eliot

Willravel

This is a failure of the third party wireless card (which cannot be used on a G4 desktop, like jewel's), not the OS. In order to bypass this, one needs to test a wireless card to ensure that it's not vulnerable.
This one is tougher to get around. I don't believe the problem still exists in Safari 3, but if you want to be super safe use Firefox or even OmniWeb.
An application that supposedly "cleans" your computer? WTF? Cleans if of what? Only an idiot would download that.

ratbastid

Ultimately, end of the day, YOU'RE who infects your computer. By going to sketchy websites, running sketchy downloads, surfing with a vulnerable browser, opening unknown email attachments, etc.

Okay, you could make the case that somebody could scan you and attack services running on various ports, but there has been LOTS of attention paid to the services that are running behind the scenes in OSX, and so far no mention of viable attacks. And I'd even take the case that you're the one leaving the door open by running that service.

MOST computer takeovers are a result of owner/user gullibility and ignorance, even on Windows. By most, I mean probably 99%. And most (like 99%) of attacks are designed to exploit gullibility and ignorance. EDUCATION IS THE ANSWER.

vanblah

Really? You can hack into a Windows machine? I'd like to see you do it.

Honestly, there are VERY few people who can "hack into" any OS. The problem is what is running on the server ... not the OS.

I think you'll need to do some studying about what hacking is. As the sysadmin (8 years) of a small college I can count the number of times we've been "hacked" on one hand:

1 - A Solaris 8 box was compromised; why? User error. It was a wide-open telnet server that was set up by a faculty member so he could connect to it from home.

That's it. Solaris != Windows either.

We have 40+ Windows 2003 servers ... none have been compromised as long as I've been here. I watch the IPAudit logs(a program that runs on top of MRTG on Redhat 7.3 box); I watch the firewall logs; I watch the Packeteer and Nitro (packet shaping devices) logs ... I see SCADS of attempts to infiltrate our network. None of them succeed.

The fact is that "reward" for hacking a OSX Server is just a marketing ploy. No hardened system can EASILY be hacked (including Windows) ... Note: I said EASILY ... I didn't say it couldn't be done. A n00b would have a hard time at it.

Willravel

The person contacted her via myspace. All one would need to do is:
1) Find the myspace which contacted her
2) Check out the friends list of the guy (or girl),
3) Copy one of his friend's accounts
4) Send a private message from the copied account:
"John forwarded this app to me. Is this legit?" with a link to a site like www.thunderbord.com.
5) The link sends him to a site I'm hosting, I see his IP.

And I'm honestly a complete n00b.

jewels

No, you're not a noob. Your dyslexia must've kicked in. You're just a nobo. Or is it bono?

__________________
We are always more anxious to be distinguished for a talent which we do not possess, than to be praised for the fifteen which we do possess.
Mark Twain

vanblah

That's not "hacking" into Windows.

It's relatively easy to see someone's IP address. You can go to several sites to see your own.

To gain control (become root) of an OS is not easy to do without a lot of knowledge.

EDIT: To gain control of a HARDENED OS is not easy to do without a lot of knowledge.

Also, what you described is social hacking ... look up some of Mitnick's social hacking skillz. If you can gain the end user's trust then you've won 90% of the battle in gaining control of a system. It has nothing to do with the OS. If you trick someone into giving you control of your Mac then there you go. Anyone could win the $25,000 reward if they could get Apple to give them console access to the server.

Remotely commandeering a modern OS (without permission) is difficult.

Shauk

I like vanblah

but then again I like anyone who doesn't display rabid fanaticism about an overmarketed OS/platform that is no more better/worse at what it's intended for than the competition. Same but different.

if a computer can execute code, it can execute malicious code
if a computer can offer a service, that service can be exploited

and yeah, I have mitnick's "Art of Deception"

very very good read. It really does display how trusting people are and how you use natural instinct against people to get what you want.

Manipulative? yes, but in the world of computers, you tell them what you want every single time you click an icon, it's not that much different when interacting with people, its just song and dance to gain the desired outcome.

You could even go so far as to apply it to the whole social "pick up" scene that seems to be all the rage these days. It's another degree of Social Engineering.

ratbastid

Right, which is why most approaches are to socially engineer that permission.

Double click here for sexy pictures of wombats!

Shauk

nothing happened!

vanblah

I would like to add that anyone looking for sexy pictures of wombats while surfing on a web connected server is just asking for trouble.

ratbastid

Ah, but if I'd WANTED to, I could have just raped your sofa! So ha on you!

Jinn

Same situation, different software. Attached a few pictures. Sorry for the terrible quality... massive compression to upload them.

None of these have been hacked, in the sense that there was unauthorized access from outside. Securing these servers is actually a small part of my 40 hour week (20%). NONE of them are Macintosh. If they were, I think I'd be spending a lot longer than 20% of my time managing the different software suites across OSes.

The "security" of an OS has very little to do with the OS itself - it has to do with the measures taken to harden them. An 'unhardened' RHEL3 server scares me just as much as an Windows 2003 SP1 machine, and Linux is supposedly the "secure" OS.

Attached Images

	IMAGE_012.jpg (33.2 KB, 192 views)
	IMAGE_014.jpg (34.3 KB, 190 views)
	IMAGE_016.jpg (29.6 KB, 190 views)
	IMAGE_015.jpg (35.6 KB, 187 views)

__________________
"I'm typing on a computer of science, which is being sent by science wires to a little science server where you can access it. I'm not typing on a computer of philosophy or religion or whatever other thing you think can be used to understand the universe because they're a poor substitute in the role of understanding the universe which exists independent from ourselves." - Willravel

Rekna

Don't think your computer is unbeatable lest it ends up like the Patriots.

You are the first line of defense on your computer, know what you are doing before you do it and take steps to secure any machine you don't want hacked (including a mac).

Actually the flaw was in the Airport drivers provided with the OS on intel based macs. The demonstration was done with a 3rd party card in order to be less offensive.

Here is a published paper on the exploit: http://uninformed.org/?v=8&a=4&t=sumry

I skimmed it and it did not mention anything about requiring a 3rd party card and most recent news articles on it also mention that it works with the built in cards.

I could be wrong and would be glad to know if you find proof that it was only doable via a 3rd party wireless card.

Hain

Anything and everything can be broken [into]. Security ultimately is up to you. "YOU'RE always the one to infect your own machine, at the end of the day." --ratbastid

spindles

I think the comparison between the average home user and professional network admins is hardly fair - I'd hope that most businesses/schools with a serious computer setup would be more secure than any home user.

The average home user has *no clue* what services are running and probably couldn't turn them off if they were running.

__________________
who hid my keyboard's PANIC button?

vanblah

With the exception of (high-end) hardware packet shaping devices there's really not much difference between a commercial setup and a home set up. Windows Server 2003 is pretty similar to Windows XP on the surface. You don't have to turn off services to be secure (except for server services which should not be turned on by default in XP anyway). Hell, you don't even need a firewall or antivirus to be secure.

You just have to NOT click on the boobies in that email you got.

I kind of think the same way about cars as I do computers. You don't have to know how to completely overhaul an engine; but you damn sure better no how to put gas in it; keep the oil changed and at least change a tire if you have to. If you don't ... you're just asking for trouble.

There are people who have phobias about electronics. They feel they are stupid or whatever. There is a culture of ignorance that surrounds computers and I'm tired of it. I really don't have sympathy for someone who would drop $1500 on something and then not know how to work it. I feel the same way about someone who buys a nice car and then dogs it or doesn't know how to maintain it.

But this thread has been jacked far enough I suppose.

Martian

I don't think it's a threadjack, as the thread is about computer security. That said, you've become my personal hero for today.

The problem stems from the fact that computers are mysterious to most end users. They understand that there's some software and some hardware and that these two things put together allow them to browse the internet/look at boobs/play games/whatever other task. The exact processes that go into that are completely unknown to them. And because they don't know what's possible, anything seems plausible. Ask me some time why I got out of the IT business. I dare ya.

Putting aside terminology discussions that aren't really relevant, hackers aren't as bad as most people seem to believe. I blame Hollywood, which has perpetuated the idea that a sufficiently knowledgeable individual can basically do whatever he wants with a computer. The reality is that working within computer systems comes with a set of rules. It doesn't matter how much of a mechanic I am, I can't make my car go 300 mph. And it doesn't matter how good of a 'hacker' I am, I simply can't break into a properly secured system. The rules don't let me. Since it's difficult to impossible, then, to fool the system, most of the attempts to crack a box are aimed at the user, who is relatively easy to fool. Kevin Mitnick was mentioned above. The man is a god amongst geeks. He's a geek superstar. And even he was noted more for his social engineering abilities than any prominent technical skills.

I can't say it's impossible to break into a Mac running OS X. I know that OS X is based heavily on BSD and that's the extent of my knowledge on the subject, so I can't say that anything really in terms of what can and cannot be done. I do know, however, that there are people who keep an eye on this thing from both sides of the playing field and that if Apple was distributing an operating system with any serious vulnerabilities they'd probably get called on it pretty quick. Some script kiddie on a message board doesn't change that; these kids were probably just trying to intimidate your daughter. At best, they may have access to some of the more malicious software but even then it's probably more geared towards Windows than OS X (having been out of the security biz for a couple years now, I don't really know what's in vogue anymore and thus don't really feel confident enough to list specific examples). As long as you're intelligent about your usage, you'll be fine.

A little education goes a long way.

__________________
I wake up in the morning more tired than before I slept
I get through cryin' and I'm sadder than before I wept
I get through thinkin' now, and the thoughts have left my head
I get through speakin' and I can't remember, not a word that I said

- Ben Harper, Show Me A Little Shame

RonRyan85

I am using the iMAC browser (Safari) to read YAHOO Email and Google
Email.

RonRyan