Author Topic: OS X on the radar of exploit-developers  (Read 4322 times)

0 Members and 1 Guest are viewing this topic.

Offline iago

  • Leader
  • Administrator
  • Hero Member
  • *****
  • Posts: 17914
  • Fnord.
    • View Profile
    • SkullSecurity
OS X on the radar of exploit-developers
« on: February 25, 2006, 03:19:40 am »
http://isc.sans.org/diary.php?storyid=1145

Getting scary! 

Of course:
Quote
The recent news of these vulnerabilities in the OS is getting plenty of attention.  [...]  I think there is some lazy journalism, and sensationalism afoot.  Yet, like any FUD-storm there is usually some kernel of truth. 

Offline Ergot

  • 吴立峰 ^_^ !
  • x86
  • Hero Member
  • *****
  • Posts: 3724
  • I steal bandwidth. p_o
    • View Profile
Re: OS X on the radar of exploit-developers
« Reply #1 on: February 25, 2006, 03:38:33 am »
Mmm I read about two of those vulnerabilities, both seem rather hard to pull off though.
Who gives a damn? I fuck sheep all the time.
And yes, male both ends.  There are a couple lesbians that need a two-ended dildo...My router just refuses to wear a strap-on.
(05:55:03) JoE ThE oDD: omfg good job i got a boner thinkin bout them chinese bitches
(17:54:15) Sidoh: I love cosmetology

Offline deadly7

  • 42
  • x86
  • Hero Member
  • *****
  • Posts: 6496
    • View Profile
Re: OS X on the radar of exploit-developers
« Reply #2 on: February 25, 2006, 09:25:29 am »
Yeah.  They don't seem very easy to pull off.

There's an exploit I've seen with Safari that allows a user to basically "rootkit" you, for the lack of a better word.  Basically the person gains complete access to your computer just because you visited a website via Safari.
[17:42:21.609] <Ergot> Kutsuju you're girlfrieds pussy must be a 403 error for you
 [17:42:25.585] <Ergot> FORBIDDEN

on IRC playing T&T++
<iago> He is unarmed
<Hitmen> he has no arms?!

on AIM with a drunk mythix:
(00:50:05) Mythix: Deadly
(00:50:11) Mythix: I'm going to fuck that red dot out of your head.
(00:50:15) Mythix: with my nine

Offline Warrior

  • supreme mac daddy of trolls
  • Hero Member
  • *****
  • Posts: 7503
  • One for a Dime two for a Quarter!
    • View Profile
Re: OS X on the radar of exploit-developers
« Reply #3 on: February 25, 2006, 09:44:33 am »
It's going to get pummeled by exploits, think about it: Apple has never had experience with being "under the scope" of hackers so to say. It should be interesting to see how it fares against how XP fairs (Seriously, it isn't hard to fare better)
One must ask oneself: "do I will trolling to become a universal law?" And then when one realizes "yes, I do will it to be such," one feels completely justified.
-- from Groundwork for the Metaphysics of Trolling

Offline iago

  • Leader
  • Administrator
  • Hero Member
  • *****
  • Posts: 17914
  • Fnord.
    • View Profile
    • SkullSecurity
Re: OS X on the radar of exploit-developers
« Reply #4 on: February 25, 2006, 11:38:02 am »
It's hard to say.  OS X was designed with security as a forethought rather than as an afterthought, so I think it could fair pretty well. 

Offline Nate

  • Full Member
  • ***
  • Posts: 425
  • You all suck
    • View Profile
Re: OS X on the radar of exploit-developers
« Reply #5 on: February 27, 2006, 09:38:08 pm »
Increasing Market Share will result in an increase in security issues.  Also targeting college students for your product is going to result in problems.

Anyways im waiting for the virus that corrupts iPods.

Offline Sidoh

  • x86
  • Hero Member
  • *****
  • Posts: 17634
  • MHNATY ~~~~~
    • View Profile
    • sidoh
Re: OS X on the radar of exploit-developers
« Reply #6 on: February 27, 2006, 09:40:58 pm »
Increasing Market Share will result in an increase in security issues.  Also targeting college students for your product is going to result in problems.

Not necessarily.  I don't see anyone exploiting Google.

Offline iago

  • Leader
  • Administrator
  • Hero Member
  • *****
  • Posts: 17914
  • Fnord.
    • View Profile
    • SkullSecurity
Re: OS X on the radar of exploit-developers
« Reply #7 on: March 09, 2006, 10:55:04 pm »
Increasing Market Share will result in an increase in security issues.  Also targeting college students for your product is going to result in problems.

Not necessarily.  I don't see anyone exploiting Google.

There are actually a lot of exploits involving Google + other sites.  There was a recent worm spreading that used Google to find vulnerable hosts.  A guy at work had the book Google Hacking for Penetration Testers.  I flipped through it and it looked like a hell of a good read, but I never got around to reading it. 

My point is that although Google isn't directly targetted, some of its "weaknesses" are indirectly used. 

Offline Sidoh

  • x86
  • Hero Member
  • *****
  • Posts: 17634
  • MHNATY ~~~~~
    • View Profile
    • sidoh
Re: OS X on the radar of exploit-developers
« Reply #8 on: March 09, 2006, 11:00:27 pm »
There are actually a lot of exploits involving Google + other sites.  There was a recent worm spreading that used Google to find vulnerable hosts.  A guy at work had the book Google Hacking for Penetration Testers.  I flipped through it and it looked like a hell of a good read, but I never got around to reading it. 

My point is that although Google isn't directly targetted, some of its "weaknesses" are indirectly used. 

Hehe, I heard about those.  I misused the word "exploit."

Offline iago

  • Leader
  • Administrator
  • Hero Member
  • *****
  • Posts: 17914
  • Fnord.
    • View Profile
    • SkullSecurity
Re: OS X on the radar of exploit-developers
« Reply #9 on: March 09, 2006, 11:14:12 pm »
Hehe, I heard about those.  I misused the word "exploit."

Welll, in a way.  I was kind of taking the word "exploit" to have a different meaning than you intended it to.  I realized I was doing it, but I still thought it was useful to point out. 

Offline Joe

  • B&
  • x86
  • Hero Member
  • *****
  • Posts: 10319
  • In Soviet Russia, text read you!
    • View Profile
    • Github
Re: OS X on the radar of exploit-developers
« Reply #10 on: March 10, 2006, 04:52:54 pm »
Increasing Market Share will result in an increase in security issues.  Also targeting college students for your product is going to result in problems.

Not necessarily.  I don't see anyone exploiting Google.

There are actually a lot of exploits involving Google + other sites.  There was a recent worm spreading that used Google to find vulnerable hosts.  A guy at work had the book Google Hacking for Penetration Testers.  I flipped through it and it looked like a hell of a good read, but I never got around to reading it. 

My point is that although Google isn't directly targetted, some of its "weaknesses" are indirectly used. 

I don't know if you'd consider this harmful, but there used to be a tool that would mount your Gmail account as a local hard drive and allow you to save files on to it, in the form of attachments.
I'd personally do as Joe suggests

You might be right about that, Joe.


Offline iago

  • Leader
  • Administrator
  • Hero Member
  • *****
  • Posts: 17914
  • Fnord.
    • View Profile
    • SkullSecurity
Re: OS X on the radar of exploit-developers
« Reply #11 on: March 10, 2006, 05:28:01 pm »
I don't think that's an exploit in any way.  I'd be surprised if Google did anything about it.  In fact, Google is planning (maybe beta-testing? I forget) a program called GDrive, I think, which lets you store your files on Google.