 DEF CON 9 - Mac OS X Security & Hacking
Computer security has been a hot topic over the past few months due to many hacking groups and security organizations releasing advisories and hacks to popular software revealing vicious security holes. For many years the Macintosh operating system has been neglected its time in the media concerning security issues solely due to the fact that many macintosh news media web sites felt that posting security news would reflect bad for Apple and cause 'MacHeads' (Macintosh Advocates) to dislike the news source, thus losing readers and traffic.
With the release of Apples Mac OS X there has been nothing except shortage in the media. Hacks and security advisories has existed for the Macintosh for many years as demonstrated by sites like Freaks Macintosh Archives and SecureMac.com Due to the fact that Mac OS X utilizes the BSD/Mach kernel there are infinite numbers of security issues that could exist for macusers, most of all the average Macintosh user would not know how to deal with the security concerns if a malicious trojan/virus modified the unix environment of the system.
Rootkit for Mac OS X ?
At this years annual hacker convention DEF CON held in Las Vegas, NV at the Alexis Park (July 13th-15th) Freaky of Freaks Macintosh Archives gave a speech on Macintosh security & hacking for his third year. This year the main focus was directly on Mac OS X security measures and installation. Freaky reminded users to keep their eyes open for upgrades/patches and to install and correct the issues promptly.
As imagined last year, security related software vendors are having some trouble getting their OS X versions ready because of the lack of experience in the unix environment and finding a way to actually keep the system secure from the Macintosh world and the UNIX environment. And unix based programs like su (super user do) have been at fault for allowing users to execute malicious code to gain administrative privileges, this was due to Apple bundling a older version of the software, newer version fixing the error in the programming was released by the author months before.
Freaky gave out white papers on security issues and numerous giveaways from security and programming vendors. One of which he demonstrated was MacAnalysis a security auditing suite for the Macintosh which evaluates the network for any open security issues or exploits and explains how to resolve the issues. The software evaluates all operating systems and hardware, it has been compared to many popular unix based security auditing tools.
Question and answers brought up many rumors which were unconfirmed, one of which is that NetInfo - the application which stores user account information such as logins and passwords was to be eliminated in version 1.1 of OS X. Since the release of 10 there has been concerns about NetInfo and how other programs (ie: nidump) can access the information stored within making it possible for someone to crack the passwd file, gaining other users account information even root.
As time goes by we are sure to notice sites that never cared about the security of the Macintosh users switch over because
they will realize that security and hacking topics brings them more attention from the world and hopefully the hardcore Mac
Advocates will understand why this information has to be publicized. (just incase your wondering - so the vendors fix the
issues right away and they do not remain unfixed for years as they have in the past) Defcon 9 Def con
The speeches from DEF CON 7 and 8 are available on the Freaks Macintosh Archives CD volume 1 and 2 along with the rest of the Macintosh underground archives.
Miss the speech have any questions, comments or suggestions please e-mail us. macsec@securemac.com
|
