Search: Home Bugtraq Vulnerabilities Mailing Lists Jobs Tools Vista
Apple's in the eye of flaw finders
Robert Lemos, SecurityFocus 2006-02-07

At the recent ShmooCon hacking conference, one security researcher found out the hard way that such venues can be hostile, when an unknown hacker took control of the researcher's computer, disabling the firewall and starting up a file server.

Comments Mode:
Apple's in the eye of flaw finders 2006-02-07
Anonymous (1 replies)
Re: Apple's in the eye of flaw finders 2006-02-08
Rick (1 replies)
Re: Re: Apple's in the eye of flaw finders 2006-02-09
Jay Beale (1 replies)
Re: Re: Re: Apple's in the eye of flaw finders 2006-02-09
Anonymous
Apple's in the eye of flaw finders 2006-02-08
Anonymous (1 replies)
Whilst this is an excellent article with a large number of valid (if not new points) I wonder if there is good reason to use the reaserchers powerbook as an example of a flaw in this case. Since the powerbook was "locked down" and since there are no obvious answers as to how the laptop was hacked is it not possible that this security flaw was human not software. i.e. a physical security issue? did the researcher leave his notebook out of sight? did someone watch him enter a password? For an isolated incident it is a bit much to suggest that there is a flaw in Mac OSX that allows a remote attacker to take control of a system (presumably as root if launching server processes) without leaving a trail or indeed anyone else knowing about it....

I wonder.

[ reply ]

Link to this comment: http://www.securityfocus.com/comments/articles/11375/33060#33060
Re: Apple's in the eye of flaw finders 2006-02-08
Ralph
Apple's in the eye of flaw finders 2006-02-08
Anonymous (1 replies)
Re: Apple's in the eye of flaw finders 2006-02-09
Anonymous
Apple's in the eye of flaw finders 2006-02-08
Alexey Vesnin
Apple's in the eye of flaw finders 2006-02-08
Anonymous (1 replies)
Re: Apple's in the eye of flaw finders 2006-02-08
Rick
Apple's in the eye of flaw finders 2006-02-08
Anonymous (1 replies)
Re: Apple's in the eye of flaw finders 2006-02-08
Anonymous
Don't be foolish 2006-02-08
Anonymous (2 replies)
Re: Don't be foolish 2006-02-08
Anonymous
Re: Don't be foolish 2006-02-08
Anonymous
I had no problems at Shmoocon 2006-02-08
Anonymous (2 replies)
Re: I had no problems at Shmoocon 2006-02-08
Anonymous (3 replies)
Re: Re: I had no problems at Shmoocon 2006-02-08
Anonymous
move along 2006-02-09
Anonymous
Re: Re: I had no problems at Shmoocon 2006-04-17
Anonymous
Re: I had no problems at Shmoocon 2006-02-08
Anonymous (2 replies)
Re: Re: I had no problems at Shmoocon 2006-02-09
Raven
Re: Re: I had no problems at Shmoocon 2006-02-10
R_U_Trustified?
Apple's in the eye of flaw finders 2006-02-08
Mike Andrews (1 replies)
Re: Apple's in the eye of flaw finders 2006-03-07
Anonymous
Apple's in the eye of flaw finders 2006-02-08
Anonymous (2 replies)
Re: Apple's in the eye of flaw finders 2006-02-08
Anonymous
Re: Apple's in the eye of flaw finders 2006-02-09
Anonymous
do we want security through obscurity? 2006-02-08
assurbanipal (1 replies)
Re: do we want security through obscurity? 2006-02-08
Penguinisto
Apple's in the eye of flaw finders 2006-02-08
Scott Barman (www.barman.ws) (2 replies)
Re: Apple's in the eye of flaw finders 2006-02-08
Adam
Re: Apple's in the eye of flaw finders 2006-02-08
Anonymous
Hired Gun 2006-02-08
Anonymous
Long on FUD, short on fact 2006-02-08
Marty
Forensices did not reveal any clues? 2006-02-08
Anonymous
Apple's in the eye of flaw finders 2006-02-08
Anonymous
Ragnarok/Apocalypse is possible for Mac users - wake up. 2006-02-08
Rumplestiltskin
Apple's in the eye of flaw finders (yes, and no) 2006-02-08
Debunker
"Intel", new fuel for the FUD 2006-02-08
rY.
Did his POwerBook really get compromised? 2006-02-08
Anonymous (2 replies)
Re: Did his POwerBook really get compromised? 2006-02-09
Anonymous
Re: Did his POwerBook really get compromised? 2006-02-10
Anonymous (1 replies)
Re: Re: Did his POwerBook really get compromised? 2006-02-10
Anonymous
Apple's in the eye of flaw finders 2006-02-08
Anonymous
Apple's in the eye of flaw finders 2006-02-09
A Nonny Moose
Apple's in the eye of Finder flaws 2006-02-09
AudioAquatic
Apple's in the eye of flaw finders 2006-02-09
Anonymous
How to do what was described... 2006-02-09
Anonymous
Apple's in the eye of flaw finders 2006-02-09
sierradragon
Apple's in the eye of flaw finders 2006-02-10
Anonymous (1 replies)
Re: Apple's in the eye of flaw finders 2006-02-14
casad
Apple's in the eye of flaw finders 2006-02-20
Anonymous
Apple's in the eye of flaw finders 2006-03-07
Anonymous (2 replies)
Re: Apple's in the eye of flaw finders 2006-03-28
Anonymous
Re: Apple's in the eye of flaw finders 2006-03-28
Anonymous







 

Privacy Statement
Copyright 2008, SecurityFocus