Dailydave mailing list archives

Re: PWN to OWN (was Re: How Apple orchestrated web attack on researchers)


From: "Adriel T. Desautels" <adriel () netragard com>
Date: Wed, 21 Mar 2007 14:13:35 -0400

Bob, 
    I'm sure that you remember the Month of Apple Bugs, there's one example
of people tearing OSX apart. A lot of those vulnerabilities could have been
used to break into affected systems, in particular if they were used as
helper apps. 

    On the other hand, I did recently come across a network that had been
compromised. The standard servers on that network were the Apple X servers.
I can try to look up the details on how that happened if you'd like.

    IMHO the only reason why you don't hear a lot about Macs being hacked
is because people don't focus on them yet. Well, not enough anyway.


On 3/21/07 10:10 AM, "Bob Mahoney" <bob () zanshinsecurity com> wrote:


On Mar 20, 2007, at 6:00 PM, Dragos Ruiu wrote:
This promises to be much more fun than capturing "flags." :-)
And a quantitative experiment on the real security of OSX.

I've tried a number of times to get details of actual OSX compromises
in the wild, without success.  I'd like to know details of a real
computer being used by a real person, compromised by a real
attacker.  I've been told a number of times (even here) that examples
exist.  But I've never gotten real info.

I am genuinely interested- while I use a Mac, nothing is
invulnerable.  It seems reasonable that such an example must exist.
But I have never seen or been pointed to one.

Given the sort of talent here, I'd be disappointed if no one here
could beat a default install, if motivated to do so.  But I'd also be
disappointed if a Navy SEAL couldn't kill me with a paper clip.
Serious expertise yields solid results, and I have appropriate fear
and respect for true ninja skills.  But ninjas aren't my threat
model, so this isn't a very relevant test from my perspective.

There are many detailed analyses of compromised Windows and Unix
machines.  Thousands and thousands.  Example autopsies abound.  What
I'd like to see is an equally expert and detailed analysis of a real-
world OSX compromise, where the attacker was not a security researcher.

I keep my eyes open, and ask occasionally, but it's entirely possible
I've missed the example I'm looking for.  If someone can point me to
one, I would be grateful and interested.

There is a Secret Service presentation on Mac forensics scheduled for
an upcoming HTCIA meeting in Boston.  I'll be interested in hearing
what sorts of numbers they have seen, and if any examples involved
compromise instead of merely evidence gathering.

-Bob

PS:  I also would like to see more OSX security presentations at
conferences.  But given the general orneriness of security people, is
it really as simple as Apple lawyers scaring everyone off?  (This is
a tough crowd.  I expect to be knifed in the parking lot.  :-)



_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://lists.immunitysec.com/mailman/listinfo/dailydave

-- 

Regards, 
    Adriel T. Desautels
    Chief Technology Officer - Netragard, LLC
    Office: 617-934-0269 || Mobile : 857-636-8882
    http://www.linkedin.com/pub/1/118/a45
    http://www.netragard.com
    -------------------------
    "We make IT secure."

