seraph
Editor


Joined: Jun 21, 2003 Posts: 12396 Location: Firenze, Italy
Audio files: 33
G2 patch files: 2

Blue Hell
Site Admin

Joined: Apr 03, 2004 Posts: 24026 Location: The Netherlands, Enschede
Audio files: 275
G2 patch files: 320
Posted: Fri Mar 28, 2008 10:00 am
I read it this morning, but didn't want to hurt the mac-heads by posting it  _________________ Jan
also .. could someone please turn down the thermostat a bit.

Kassen
Janitor

Joined: Jul 06, 2004 Posts: 7678 Location: The Hague, NL
G2 patch files: 3
Posted: Fri Mar 28, 2008 10:30 am
Blue Hell wrote: | I read it this morning, but didn't want to hurt the mac-heads by posting it  |
Well, it's just a friendly warning. Hurtful would be saying that hacker could use the 10K$ to buy a real computer while he keeps the airbook off-line... or that maybe it would've been a single minute if the airbook had a faster processor....
;¬) _________________ Kassen

Inventor
Stream Operator

Joined: Oct 13, 2007 Posts: 6221 Location: near Austin, Tx, USA
Audio files: 267
Posted: Fri Mar 28, 2008 12:03 pm
Ouch! That *is* painful. Bad news for Mac heads like me, though I do try to not be an operating system bigot. Perhaps my Firefox is more secure...
Plus I'd imagine the guy who did it is in a position to receive some hefty consultation fees from Apple... _________________ "Let's make noise for peace." - Kijjaz

Blue Hell
Posted: Fri Mar 28, 2008 12:28 pm
Inventor wrote: | Perhaps my Firefox is more secure... |
Maybe so today, maybe not tomorrow, or maybe a cell phone will be hacked fastest then, it's a battle, there always is a weakest spot.

v-un-v
Janitor

Joined: May 16, 2005 Posts: 8933 Location: Birmingham, England, UK
Audio files: 11
G2 patch files: 1
Posted: Fri Mar 28, 2008 2:34 pm
Cool!
This blew me away too!!
Recently I've been discovering a new idea- it's called; "pencil and paper"  _________________ ACHTUNG!
ALLES TURISTEN UND NONTEKNISCHEN LOOKENPEEPERS!
DAS KOMPUTERMASCHINE IST NICHT FÜR DER GEFINGERPOKEN UND MITTENGRABEN! ODERWISE IST EASY TO SCHNAPPEN DER SPRINGENWERK, BLOWENFUSEN UND POPPENCORKEN MIT SPITZENSPARKSEN.
IST NICHT FÜR GEWERKEN BEI DUMMKOPFEN. DER RUBBERNECKEN SIGHTSEEREN KEEPEN DAS COTTONPICKEN HÄNDER IN DAS POCKETS MUSS.
ZO RELAXEN UND WATSCHEN DER BLINKENLICHTEN.

Blue Hell
Posted: Fri Mar 28, 2008 2:36 pm
v-un-v wrote: |
Recently I've been discovering a new idea- it's called; "pencil and paper"  |
Where can I DL that ?? Google has nothing on it

v-un-v
Posted: Fri Mar 28, 2008 2:44 pm
Then this brought me back to earth!

Inventor
Posted: Fri Mar 28, 2008 2:53 pm
Blue Hell wrote: | v-un-v wrote: |
Recently I've been discovering a new idea- it's called; "pencil and paper"  |
Where can I DL that ?? Google has nothing on it  |
I have a pen, but it's got a Write Only Memory...

Kassen
Posted: Fri Mar 28, 2008 7:11 pm
Blue Hell wrote: |
Maybe so today, maybe not tomorrow, or maybe a cell phone will be hacked fastest then, it's a battle, there always is a weakest spot. |
Still... you can say something about the likelihood of things like this happening. Integrating the browser with the OS while mucking up the line between data and executable has turned out to be a recipe for disaster as MS has shown time and time again.
Having a good model for privileges, for example, while not making you perfectly secure on its own will make security a lot easier. Apple's security currently seems to revolve mainly around denial and lawsuits, combined with an advertising style that promotes a false sense of security.
It's a battle and there will be a weakest spot (I agree) so I think it makes sense to try to make sure that spot isn't yours wherever possible. It'll be interesting to see how long it takes for the patch to arrive; to me that's the aspect that really matters and that's an area where Apple hasn't been doing so well in the past years (worse than Windows, in fact, according to some figures), maybe the high-profile nature of this case will help but if memory serves the QT exploit window was open for quite a while.

elektro80
Site Admin

Joined: Mar 25, 2003 Posts: 21959 Location: Norway
Audio files: 14
Posted: Fri Mar 28, 2008 8:02 pm
Quote: | No one was able to hack into any of the machines by attacking them over the network on the first day of the contest.
But Miller succeeded when the organisers allowed hackers to direct human operators of the three machines to visit websites and open emails.
Miller's exploit code was on a website and the Mac fell within two minutes. He was only able to use software preinstalled on the Mac, so experts assume that the vulnerability must lay with Apple's Safari browser. |
I'm guessing that Safari wasn't set as secure as it should be and it was when run with the default settings. Actually, it is set to open downloads .. which is plain stupid. Most probably it was also run under an admin user without a password which is also not a smart move. Bottom line is that these days OS X and Safari are both set to a default behaviour which is pretty daft. In such an environment there are a few exploits that can be used in order to take over the machine. _________________ A Charity Pantomime in aid of Paranoid Schizophrenics descended into chaos yesterday when someone shouted, "He's behind you!"

v-un-v
Posted: Sat Mar 29, 2008 4:56 am
Ah yes, but the bottom line is that does Safari ever actually get hacked?? We all see these scare stories from time to time, but does anybody who is coding really give a hoot (apart from porn spammers ) about hacking a Mac? Windows? Well yes, because in the divine wisdom of the USA's military, they decided to install windows- and it got hacked!
Personally, I can't help getting the feeling that the iPod and the iPhone (and Android et al etc etc) is the future of personal computing. I'm coming to this conclusion because these days I only seem to use computers for two purposes; email and internet- and watching dvd's.
I honestly like pencil and paper!

Kassen
Posted: Sat Mar 29, 2008 5:01 am
elektro80 wrote: |
I'm guessing that Safari wasn't set as secure as it should be and it was when run with the default settings. Actually, it is set to open downloads .. which is plain stupid. Most probably it was also run under an admin user without a password which is also not a smart move. Bottom line is that these days OS X and Safari are both set to a default behaviour which is pretty daft. In such an environment there are a few exploits that can be used in order to take over the machine. |
Could well be but as that's a type of issue that's beyond many users to resolve I'd say that would deserve some attention from Apple.
Regardless of the exact cause I'm in favour of this type of research and how it forces companies to close holes. Even if you are on OSX and me on Linux both of us benefit if Windows holes are closed because those Windows computers are on the same internet as we are.
More generally about Apple's policy; I would be in favour of openness about what the exact issue is and the expected date of a patch. If it's in -say- Java one could disable Java for a few days and still be safe. Apple on the other hand believes in a policy of not talking about this, partially to keep the knowledge from spreading but I suspect there's a marketing angle as well. I feel that policy puts end-users and particularly system administrators at a disadvantage and I think that the days of Apple being able to get away with that because of the small market-share are quickly running out.
For example Inventor above suggested switching to Firefox... but we don't know right now that that would help. Without the information he needs he may inconvenience himself with a browser that's not his favourite without any gains.

Kassen
Posted: Sat Mar 29, 2008 5:13 am
v-un-v wrote: | Ah yes, but the bottom line is that does Safari ever actually get hacked?? We all see these scare stories from time to time, but does anybody who is coding really give a hoot (apart from porn spammers ) about hacking a Mac? Windows? Well yes, because in the divine wisdom of the USA's military, they decided to install windows- and it got hacked! |
Yeah... I think people are interested. Because of the sense of security that many Apple users seem to experience Macs often lack virus and malware scanners. If you could get a few infected you will likely have them as bots for a longer time. Considering that they are relatively expensive and so likely to be owned by relatively rich people I would expect a correlation between that OS and big broadband connections. With the increasing market-share they will at some point get to be very appealing to hackers.
Quote: |
Personally, I can't help getting the feeling that the iPod and the iPhone (and Android et al etc etc) is the future of personal computing. I'm coming to this conclusion because these days I only seem to use computers for two purposes; email and internet- and watching dvd's.
|
Sure, or low-powered small and cheap systems like the EEE. There's a big market there and it's growing; many people use their computer like that. I wouldn't mind more specialisation with devices like that used for communication and "real" computers getting an OS that's optimised by moving those tasks out of the way and focussing more on actually crunching numbers and less on pretty interfaces for social applications.
Quote: | I honestly like pencil and paper!  |
Me too, I always keep a notebook on me and next to my computer.
A friend of mine once said "well, Kassen, I work with computers day in day out, I know a lot about them....... so this kind of information I write down on paper", I've repeated that quote myself a lot since then :¬)

elektro80
Posted: Sat Mar 29, 2008 5:16 am
Kassen wrote: | Could well be but as that's a type of issue that's beyond many users to resolve I'd say that would deserve some attention from Apple. |
Absolutely! OS X is just another UNIX even though it looks like a group hug to the uninitiated.

v-un-v
Posted: Sat Mar 29, 2008 8:28 am
PayPal seem to think the same thing;
http://www.allheadlinenews.com/articles/7010176631
-although to be honest, I've never had a problem so far with phishing. IMO, it's up to an individual to be on the look out. The vast majority of dodgy emails asking me to 'log-on' have actually looked like dodgy sites anyway. I think you have to be pretty darn stupid to get 'hooked'.

Kassen
Posted: Sun Mar 30, 2008 7:10 am
http://www.news.com/8301-13579_3-9906001-37.html?tag=nefd.top
Vista fell. Remarkably not even due to MS themselves but because of Adobe's Flash.
Of course we already knew Adobe cares about as much about security as they care about making efficient applications with that incident a few years back where a Russian (where such work is perfectly legal) security analyst discovered their e-book format stored the password in the file itself (!!!!???) and Adobe decided to have the man arrested as soon as he set foot on US soil (how or why Adobe can do that may remain a mystery, why they didn't thank him instead is an even bigger one as is how on earth they could be that retarded in the first place). Net result; security conferences moving out of the US. Whoopty do.
It's not so surprising Adobe and Apple get pwned but I am a bit surprised Vista as an OS survived, especially after cleaning a Vista laptop a few days ago, I imagined sneezing at it would be enough. Ubuntu survived the conference.

v-un-v
Posted: Sun Mar 30, 2008 8:13 am
Quote: | A Sony Vaio laptop running Ubuntu remained unscathed at the end of the conference. |
Yeah! Go Ubuntu! GO!

Kassen
Posted: Sun Mar 30, 2008 9:46 am
No, not Ubuntu! I hate Ubuntu, it takes all of the elitism out of running Linux, it's really no fun like this with crap like working help-files and installations a kid could perform.
;¬)
(posting from Ubuntu and liking it quite a bit)
Nah, I think it's good. It's a wake-up call for the two companies I think needed one most, I'm pleasantly surprised MS cleaned up its act... well in one regard, Vista is still SLOOOOOOOOOOOW and none of the settings are in the right place. And yeah, a nice PR boost for Ubuntu, even running on a laptop, I think many people still have the mostly outdated idea that Linux on a laptop is problematic. End good all good (assuming Apple and Adobe make patches and make them quickly)