munkery
Mar 23, 04:20 PM
http://www.macforensicslab.com/ProductsAndServices/index.php?main_page=document_general_info&products_id=174
Much of the information in the PDF (http://www.macforensicslab.com/Malware_on_Mac_OS_X.pdf) associated with this article (http://www.macforensicslab.com/ProductsAndServices/index.php?main_page=document_general_info&products_id=174) is incorrect. For example:
Page 26
It refers to the bundle architecture as insecure. The argument presented would be true if security sensitive apps were not owned by system. Given that they are owned by system, malware cannot modify the bundle of an app owned by system without authentication when the app is run with user privileges in an admin or standard account.
For example, show package contents of iTunes, Safari, or Mail and try to create a folder in the bundle. In relation to the example in the article, try renaming iTunes. The argument in the article relies on actions that cannot be completed in an OS X admin account; these types of changes are even more restricted in a standard account.
Apps not owned by system are vulnerable but without privilege escalation cannot install rootkits or keyloggers. Even apps owned by system run with user privileges and require privilege escalation to install dangerous payloads.
Mac OS X does not prompt for authentication if you install apps in the proper location for that user account type. When installed in the proper location, apps are sandboxed from the system level of Mac OS X by the Unix DAC model used within Mac OS X.
Windows is less secure because most apps (Chrome is the only exception I can recall) install their associated files in levels of the system that require authentication regardless of user account type (unless Admin in Windows XP because running as superuser - no authentication required to install with elevated privileges - very dangerous). It is easier to trick Windows users into installing a trojan with elevated privileges given that almost all apps ask for authentication to install and the user cannot distinguish the intent of that authentication.
Page 30
The claim that the Application folder is unprotected is false. Security sensitive apps within the Application folder are owned by system.
Also, security sensitive system binaries are still stored in /bin and /sbin in Mac OS X.
Page 31
The ability to read the contacts stored in Address Book could be used by a worm to propagate. But, malware that uses this to spread is not likely to appear in the wild if the malware is not profitable. It is unlikely that malware will be profitable without being able to hook (this is a specific function) into apps owned by system.
Page 33
Starts off talking about trojans. Trojans are easily avoided with user knowledge in Mac OS X because most apps do not require authentication to install if installed in the appropriate location where the Unix DAC model protects the system.
Viruses using the model shown in the article will not be successful without privilege escalation. This is the reason why Mac OS X malware is not successful in the wild.
By default, very few server side services are exposed in Mac OS X and those that are exposed are sandboxed. Vectors for worm propagation are limited to client side. Client side worms require authentication to install and spread if they do not include privilege escalation via exploitation because of the Unix DAC model used in Mac OS X. Trojans used to trick users into authenticating are less likely to be successful in Mac OS X as stated above.
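The ownership and mode-bit check that the post above relies on, as an added example that is not part of the original post: it evaluates classic Unix DAC write permission for every entry in an app bundle and for renaming the bundle in place. The function names, the `trusted_uid` parameter and the constructed sample tree are assumptions; ACLs, file flags and directory search permission are not modelled.

```python
import os
import stat
import tempfile


def dac_can_write(st, uid, gids):
    """Classic Unix DAC: exactly one class (owner, group, other) is consulted."""
    if uid == 0:
        return True                                   # root bypasses mode bits
    if st.st_uid == uid:
        return bool(st.st_mode & stat.S_IWUSR)
    if st.st_gid in gids:
        return bool(st.st_mode & stat.S_IWGRP)
    return bool(st.st_mode & stat.S_IWOTH)


def audit_bundle(bundle, uid, gids, trusted_uid=0):
    """List bundle entries not owned by trusted_uid and entries uid can modify."""
    paths = [bundle]
    for root, dirs, files in os.walk(bundle):
        paths.extend(os.path.join(root, name) for name in dirs + files)
    report = {"untrusted_owner": [], "writable": []}
    for path in paths:
        st = os.lstat(path)
        if stat.S_ISLNK(st.st_mode):
            continue                                  # link mode bits carry no meaning
        rel = os.path.relpath(path, bundle)
        if st.st_uid != trusted_uid:
            report["untrusted_owner"].append(rel)
        if dac_can_write(st, uid, gids):
            report["writable"].append(rel)
    return {key: sorted(value) for key, value in report.items()}


def can_rename(bundle, uid, gids):
    """Renaming in place is decided by the parent directory, not the bundle."""
    bundle = os.path.abspath(bundle)
    parent = os.stat(os.path.dirname(bundle))
    if not dac_can_write(parent, uid, gids):
        return False
    if parent.st_mode & stat.S_ISVTX and uid != 0:    # sticky directory
        return uid in (parent.st_uid, os.lstat(bundle).st_uid)
    return True


def build_sample(base):
    """Constructed bundle: 0755 directories, 0755 binary, one 0666 file."""
    bundle = os.path.join(base, "Apps", "Sample.app")
    macos = os.path.join(bundle, "Contents", "MacOS")
    os.makedirs(macos)
    files = {os.path.join(macos, "sample"): 0o755,
             os.path.join(bundle, "Contents", "Info.plist"): 0o666}
    for path, mode in files.items():
        with open(path, "w") as handle:
            handle.write("constructed sample\n")
        os.chmod(path, mode)
    for directory in (macos, os.path.dirname(macos), bundle, os.path.dirname(bundle)):
        os.chmod(directory, 0o755)
    return bundle


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as base:
        bundle = build_sample(base)
        owner = os.lstat(bundle).st_uid
        other = owner + 1                             # hypothetical unprivileged uid
        print(audit_bundle(bundle, other, set(), trusted_uid=owner))
        print("rename allowed:", can_rename(bundle, other, set()))
```

On a real system, pass `os.getuid()` and `set(os.getgroups())` to audit a bundle as the current user with the default `trusted_uid=0`.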
bobber205
Sep 8, 01:30 PM
Ok, my prediction:
New nano will have to have a new name, or more than 4gb in the low end, otherwise it will be available as part of the get a free iPod campaign... I don't think Apple will do that. Reminds me of a certain SNL skit.
or... mb and mbp will be upgraded to C2D... the rebate clearly lists only core duo systems as eligible. then you won't be able to get any free iPods except with a mac pro
there you have it
I remember that SNL skit too. That was great.
citizenzen
Apr 21, 09:21 PM
Dear government, at somepoint sinss the 18th centory, we've become completely incapable of taking care of owwselves.
There's actually a good reason for that. Chick it out (http://inventors.about.com/library/inventors/blfarm4.htm) ...
1850
Total population: 23,191,786
Farm population: 11,680,000 (estimated)
Farmers made up 64% of labor force
Number of farms: 1,449,000
Average acres: 203
1860 Farmers made up 53% of labor force
1870 Farmers made up 49% of labor force
1880 Farmers made up 49% of labor force
1890 Farmers made up 43% of labor force
1900 Farmers made up 38% of labor force
1910 Farmers made up 31% of labor force
1920 Farmers made up 27% of labor force
1930 Farmers made up 21% of labor force
1940 Farmers made up 18% of labor force
1950 Farmers made up 12% of labor force
1960 Farmers made up 8.3% of labor force
1970 Farmers made up 4.6% of labor force
1980 Farmers made up 3.4% of labor force
1990 Farmers made up 2.6% of labor force
That trend might explain a few things.
cult hero
May 3, 03:07 PM
"Apple OSX" and "3rd party device drivers" defines a place that is not a "happy place"
No. No it's not.
baxterbrittle
Aug 31, 11:39 AM
I don't care what it is, just give us something new to talk about. Mac Pro really nice machine but we saw it coming months in advance. Maybe not the exact spec but yeah we all knew it was coming. Same with Merom, Conroe etc... Give us something new, really new. All we have had for what seems like an age is Intel switch this Intel switch that. I don't care what processor they use as long as they are faster than they were before and it's still a Mac. I want, nay, need a new product - something so I know that Apple are still innovating. Switching to Intel, no innovation there just good sense.
ChazUK
Apr 20, 01:50 PM
*Shrug* It is probably a feature enabled on the majority of GSM carriers for statistical purposes. Again, I don't see the problem. If this information is used to improve my network coverage, why should I care? If I'm not part of a secret terrorist cell, I don't see how my life is being negatively impacted by this information especially if it does not have any identifiable information attached to it.
Apparently this feature is not enabled on Verizon phones.
No one was insinuating you were a terrorist so chill, ok?:D
Out of interest, what makes you think it's to improve cell coverage? Why is it recording wifi access point names, locations and MAC addresses if that is the case?
If you haven't yet, watch the video. It's quite informative of what is being recorded.
pyroza
Apr 25, 06:19 PM
Getting rid of the optical drive would be stupid. No way to burn CDs (yes, I buy CDs because I like supporting artists and I like higher quality music) and no way to watch DVDs (no DVD player or TV here in my dorm room).
deputy_doofy
Sep 14, 09:34 AM
Admittedly, I am definitely waiting for the C2D, but I am joking in this particular thread. It's always possible they could release it, but it's not likely. I didn't expect any computer upgrades at the iPod/iTunes show either.
The most I use photo stuff is connect my gf's camera to my powerbook and steal.... *ahem*, I mean, archive.... her pictures. :D
tristangage
Apr 25, 06:52 AM
I really am completely appalled at the OP's attitude here. I've not read all of the posts in this thread but I haven't yet seen one single person agree with him, and he continues to be so arrogant as to think he's in the right?
People like you, Don, completely sicken me. I wasn't surprised that you were driving an M5, although that's probably stereotypical of me. Your parents are a disgrace, and your uncle too. In fact your whole family is a hideous representation of the worst side of the human race. You should not be driving an M5 aged 16. If only the US laws were more like over here in the UK, you wouldn't even have started learning to drive yet, and even then learners are not allowed to drive anything that has a 2 litre engine or more.
Somehow, I don't think you're going to grow up anytime soon. I hope, someday soon, you get taught the lesson you deserve. If I had the chance I'd be first in line.
Constable Odo
Apr 4, 12:17 PM
Too bad it won't serve as a warning to criminals to stop breaking into Apple stores. I hope it wasn't some white guard, black criminal shooting. That will really cause a lot of negative feedback.
BWhaler
Oct 12, 05:25 PM
They might as well add a Core 2 Duo Mac Book Pro too.
Best post of the day.
My guess is that all these whiners would not even notice if you snuck in at night and swapped out their processor for a C2D chip. They'd just wake up the next morning, fire up the computer and never even notice.
It's like those audiophiles who argue endlessly about if gold plated or silver plated speaker wire sounds better.
Worst & dumbest post of the day.
KnightWRX
Apr 19, 07:03 AM
I think this may be one of those stories where the media make it sound much bigger than it is. A load of lawyers will make a ton of money and the two companies will come to some sort of licensing agreement or Apple will get a discount on some of the parts they buy.
Or this will drag out for years and be eventually settled/judged when it is completely irrelevant. Actually, this is the most likely outcome, since all civil lawsuits over IP in the states last for years.
We'll never quite know what happened nor do I believe anyone will dig deep enough so we actually know Apple's claims in all of this.
darklich
Apr 4, 11:59 AM
Seems unfair to kill someone for robbery. Yes they're breaking the law, but only deserve a prison sentence. Do you really really think someone should be shot and killed for attempting to steal a few laptops and smash a few windows? If you do then man you have issues.
Read the details of the story. http://www.10news.com/news/27421748/detail.html
They were armed and exchanged fire. Changed your mind?
linux2mac
May 3, 11:04 AM
I want dual out screen on the MBP =(:(
Would be great to have dual out on 11" MBA too. This way I could have dual displays at my remote office.
ckodonnell
Sep 14, 10:37 AM
Dell currently quotes 9-22. Or did yesterday when I placed an order.
If nothing else, 9-24 is extremely close to 9-27 - the date on which Dell claims to be shipping their (Merom) Core 2's.
kevin.rivers
Jul 14, 12:36 PM
It's dead easy to notice the difference... Conroe has a 1066MHz FSB. Merom has a 667MHz FSB.
Yes, but to the average consumer, these things aren't very important. They will be looking at GHz, and Apple's "X times faster" looks at the processor. That is what Apple is marketing, not FSB.
stockscalper
Apr 23, 07:39 AM
Yes it is a deal breaker. I actually spend quite a bit of time in bed after lights out surfing and reading, keeping up with stuff (I am doing it at this moment) with the brightness at the lowest level +1 to not disturb my wife, and it's definitely not enough to see the keyboard.
I also like it for taking notes in a dark presentation room. I got the newer Air and returned it after a week (and gladly paid the restocking fee) because of this alone. I really liked the reduced weight and bulk, didn't miss the optical drive, but I gotta have that keyboard backlit.
Right now I tend to use the iPad when I am just reading, but when I have to type it gets awkward, so I break out a laptop.
I use mine in dimly lit rooms too, but have no problems because I can type. It's a fantastic machine and not to get one because the keys don't glow in the dark is just plain stupid.
firewood
Mar 23, 04:50 PM
The way to solve this is to put a sobriety test in the app that has to be passed before the user can view any checkpoints. That way sober drivers won't have to take a route that wastes their valuable time. And sufficiently impaired drunks should be locked out of the app.
The app's sobriety test "login" can check a person's balance using the accelerometer and gyro, measure their reflex time, and maybe run a short N-back memory and attention span test that should discourage anyone who can't pass these tests from driving in the first place, maybe even display the length of the latest prison sentences doled out to people who drove impaired in their county.
Doctor Q
Aug 23, 06:10 PM
You seem to be unfamiliar with our court system. This case could have dragged on for YEARS, and cost Apple a TON of money--possibly far more than 100 Million.
I know the bills add up quickly, but just how much does an active case cost? That's a lot of zeroes!
fixyourthinking
Sep 26, 07:59 AM
I still think Apple will go MVNO [Mobile Virtual Network Operator] and sell it exclusively through Apple Stores and "Stores Within A Store" (CompUSA, Circuit City, Best Buy, Fry's, Microcenter) - it will most likely be LEASED time from Cingular.
For those wanting it on another service like TMobile or SunCom in the US ... it's almost a certainty that someone will come up with a way to unlock it within a few weeks of release. (maybe even a few days)
Aldaris
Mar 22, 02:32 PM
I think you'll find that rumors of the Mac Pro's death are greatly exaggerated.
Thunderbolt honestly wouldn't bring very much to a Mac Pro right now. They have access via PCI expansion to drives, etc. that keep pace with and even beat Thunderbolt in some instances. As the tech matures it will outpace others and eventually find its way to the Mac Pro. Yes, the iMacs, and the iToys get more and more powerful with every generation...but then, so do the Pros...they all have a space on Apple's buffet bar.
I agree, I think it'll be great for the portables and consumer items, to be able to customize certain peripherals to the individual needs. At the moment I have a PowerBook G4, MacBook Pro, Power Mac G4, Power Mac G5, all for certain tasks. I could solve all this with a Thunderbolt equipped MacBook Pro and Mini... Think of the space savings there...
The Pro will be around for a lot longer, it just serves a Pro/sumer market, the processors they sport generally come later down the pipe anyway like sandy bridge xeons in Q3/Q4.
Sensamic
Mar 23, 09:21 PM
Don't forget you'll need an SSD too inside the iMac to achieve the Thunderbolt speeds!!
And it must be a very good and expensive SSD, with more than 700MB/s.
Thunderbolt not worth it right now because it's TOO expensive. I'll wait 2 years, when SSDs are much MUCH cheaper.
mi5moav
Oct 12, 04:19 PM
I hope somehow Apple creates forum software with spotlight search so as soon as I start typing something it searches through 500 pages of posts and on the right side of the screen will show similar comments, who posted it, and on what pages similar comments are/were posted.
puuukeey
Sep 16, 12:47 AM
I have breaking news on the new super secret iPhone. Here are some features just added to prototype #62QE91Z-004.2
• teledildonics
• 8 tracks of 88.2 kHz
• extra bnc outputs
• midi jack for ring tones
• 9 core processor
• stamps your passport
• microwavable
• optional wood paneling
• tv and radio tuner
• dolby digital encoding
• brita filter
• updated version of manhole
• hypercard
• digdug
• dictionary
• todo list
• windows media support
• distributed processing support
• 802.11ntrails
• stereoscopic viewfinder
• soap dispenser
• silicon graphics core
• limewire, torrent, napster
• crank generator
• pet monkey
• built in projector
• band name generator
• bill gates voodoo doll
• address book preloaded with shrubyas rolodex
• built in ipod dock
• LEDS... LOTS OF EM!!!!!
• taste and smell sensor
• navigation system
• google maps
• zippo
more here (http://forums.macrumors.com/showthread.php?t=233708&page=9)