Mac Classicpublished: 08.31.2001
remote: Yes
updated: yes
vulnerable: all aim accounts under 10 characters
The security issue was addressed by AOL and to this date does not remain a concern.
Information
Has your AOL Instant Messenger (AIM) account password come up as invalid and you are sure that you entered it correctly? Figure that your account was hijacked by someone using the program AIMThief 5.2 for the Macintosh.
Hackers found a hole in the protocol used by AIM that lets them remotely change any users passwords if the user name is 10 characters of less.
After the AIM account …
August 6, 2001 •
3 min read
Mac ClassicBroadband Internet technology, with its rapidly increasing availability and affordability, has generated a need to secure personal computers in a way never conceived by its original inventors. Constantly connected PC’s are more prone to malicious attempts by the rising amount of computer hackers and “script kiddies”. To defend ourselves without busting our wallets, several software vendors have stepped up to the plate to offer software-based firewall solutions to protect the average PC user from most attacks prevalent today.
Computers on dedicated connections are more open to Internet-based attacks because they are …
August 4, 2001 •
6 min read
Mac ClassicComputer equipment is stolen every second around the world. What makes you believe your computer is any bit safer than the next guys. The concept of Stealth Signal is simple. When you use the Stealth Signal service your computer is being kept tabs on, so the next time someone steals your laptop of desktop computer they will help you locate it, read how…
How Stealth Signal Operates
A small undetectable program (Stealth Signal Transmitter) is installed in your computer. This program silently tries to send a signal to our Monitoring Network at …
July 6, 2001 •
4 min read
AppleIt is recommended that you revisit this page because there will be frequent updates and additions as new security related resources at Apple pop-up.
General Security
Mac OS Security and Cryptography (ADC)
Technical Q&As – Security (ADC)
Product Security Response Support Information
PGP: Protecting Security Information
Security Updates
Mailing Lists
Product Security Notifications and Announcements
Apple’s Implementation of the Common Data Security Architecture
Software
Mac OS (General)
Keychain Manager (ADC)
Mac OS: “Unable to establish a secure connection” or “security certificate” Messages in Web Browsers (TIL 106211) [2001 March 23]
Securely Erasing, Accessing and Dismounting a Macintosh Partition (ADC FL11) [1999 January 11]
Accessing the …
July 2, 2001 •
5 min read
Mac ClassicMicrosoft Product for the Macintosh?
Ya I know It comes with os 8.x. If you have ever used a PC, or so they say, “Its Microsoft, its breaks, i tried to uninstall it, it broke” Well I tried to remove Microsoft Personal Web Server from my Macintosh and ran into a little problem i forgot to turn off 1 extension. WaMMo! My computer froze on startup. Probably the point where the extension realized all the other components were not there. I wonder if they plan on fixing it so it does …
June 6, 2001 •
2 min read
Mac ClassicWe all realize security is a issue for our computers, but how secure can your password and encrypted files be when your computers have been stolen?
The San Diego, California based company, SecurityWare offers a wide variety of anti theft devices for your Macintosh computers and PC’s. After careful overview of the products we felt the Cable Security kits would be most use full to the general market!
SecurityWare’s iBook/iMac kits (with or without plate) makes it possible and affordable to secure your Mac. SecureMac travels from locations and our iBooks sometimes …
June 2, 2001 •
3 min read
AppleInformation:
This concerns Macs connected to NT servers using Service Pack 4. If a Mac changes its password when connected to NT SP4, from that point on, PCs can log into that user account with NO password (a null password.) – contributed by John Wolf
Views:
This can be a serious bug. Its not well known, and when an Appleshare Client is added, not many people think to check for security issues because, well, it’s APPLESHARE! This causes a problem on the network.
Reasonings and Technical How-SO
snip-it from ms99-004 advisory Issue
The Windows NT Security …
June 2, 2001 •
3 min read
Mac ClassicA fatal bug in MacOS X Server renders Apple’s new operating system practically useless as a web server. The problem is particularly critical since it affects MacOS Server X release 1.0 in one of its key features.
During a server load test at c’t Labs, the Apache web server built into the OS caused the machine to halt with a fatal “System Panic” error following successive CGI script queries.
CGI scripts (Common Gateway Interface) are a common server extension, frequently used for web queries. The test stopped the system cold whenever 32 …
June 2, 2001 •
2 min read
Mac ClassicInformation
A lot of this information was gathered from other sources on the Internet. This flaw is old. Just not well publicized. Now that it is, we can cover it a little more and explain why it happens, and what damage it can cause. This is a Denial of Service attack in most cases. There are a lot of scripts out there to execute this DoS attack. So watch out.
A excellent source for more information is the Macintouch ModemSecurity Page.
Views
This effects more than Macintosh Modems. Linux dialup users have seen this …
June 2, 2001 •
6 min read
Mac ClassicFileGuard Security Advisory – Disengage 1.0
OS 9.1 Ready, Now fully being developed and supported by Intego
Information
FileGuard has been a trusted program amongst Mac users who have searched for a way to keep their computers and data secure, in most recent news Intego purchased the software and will continue to make improvements and develop the software for both Macintosh and PC platform. FileGuard now fully works with Mac OS 9.1 and has many bug fixes as well as feature advancements.
Brief rundown on the functionality of FileGuard 4.0. Allow multiple users to …
June 2, 2001 •
9 min read
Mac ClassicInformation
All Apple Powerbook have the option of setting up a security control panel, making it so when you boot you must enter a password before it mounts the drive. Good security for a laptop!
Views
Good security for those LapTop Users. At lease this program can fool an idiot!
Insecurity
Security Breaches in the Password Security Control Panel: Owners of Powerbook have the option of using the Control Panel “Password Security”. With Password Security turned on the owner of the PowerBook can password-protect his/her computer. This involves a password dialog asking for a password …
June 2, 2001 •
4 min read
Mac ClassicEmail encryption problems should be solved in Sonata
by Dennis Sellers, dsellers@maccentral.com
June 15, 1999, 9:45 am ET
If you’re using a free Mac email application, you inherently have a lack of secure encryption as Andrew Jung, a computer science student at Camosun College (Victoria BC, Canada), recently discovered. Jung was using Outlook Express 4.5 on the family iMac when he came upon what he described a “disturbing bug.”
Jung attempted to use the “Change Current User” menu item of Outlook Express to access his personal email account (three separate email accounts were on …
June 2, 2001 •
4 min read