[Dailydave] PWN to OWN (was Re: How Apple orchestrated web attack on researchers)

Adriel T. Desautels adriel at netragard.com
Wed Mar 21 14:13:35 EDT 2007


Bob, 
    I'm sure that you remember the Month of Apple Bugs; there's one example
of people tearing OSX apart. A lot of those vulnerabilities could have been
used to break into affected systems, in particular if they were used as
helper apps. 

    On the other hand, I did recently come across a network that had been
compromised. The standard servers on that network were the Apple X servers.
I can try to look up the details on how that happened if you'd like.

    IMHO the only reason why you don't hear a lot about Macs being hacked
is because people don't focus on them yet. Well, not enough anyway.


On 3/21/07 10:10 AM, "Bob Mahoney" <bob at zanshinsecurity.com> wrote:

> 
> On Mar 20, 2007, at 6:00 PM, Dragos Ruiu wrote:
>> This promises to be much more fun than capturing "flags." :-)
>> And a quantitative experiment on the real security of OSX.
> 
> I've tried a number of times to get details of actual OSX compromises
> in the wild, without success.  I'd like to know details of a real
> computer being used by a real person, compromised by a real
> attacker.  I've been told a number of times (even here) that examples
> exist.  But I've never gotten real info.
> 
> I am genuinely interested- while I use a Mac, nothing is
> invulnerable.  It seems reasonable that such an example must exist.
> But I have never seen or been pointed to one.
> 
> Given the sort of talent here, I'd be disappointed if no one here
> could beat a default install, if motivated to do so.  But I'd also be
> disappointed if a Navy SEAL couldn't kill me with a paper clip.
> Serious expertise yields solid results, and I have appropriate fear
> and respect for true ninja skills.  But ninjas aren't my threat
> model, so this isn't a very relevant test from my perspective.
> 
> There are many detailed analyses of compromised Windows and Unix
> machines.  Thousands and thousands.  Example autopsies abound.  What
> I'd like to see is an equally expert and detailed analysis of a real-
> world OSX compromise, where the attacker was not a security researcher.
> 
> I keep my eyes open, and ask occasionally, but it's entirely possible
> I've missed the example I'm looking for.  If someone can point me to
> one, I would be grateful and interested.
> 
> There is a Secret Service presentation on Mac forensics scheduled for
> an upcoming HTCIA meeting in Boston.  I'll be interested in hearing
> what sorts of numbers they have seen, and if any examples involved
> compromise instead of merely evidence gathering.
> 
> -Bob
> 
> PS:  I also would like to see more OSX security presentations at
> conferences.  But given the general orneriness of security people, is
> it really as simple as Apple lawyers scaring everyone off?  (This is
> a tough crowd.  I expect to be knifed in the parking lot.  :-)
> 
> 
> 

-- 

Regards, 
    Adriel T. Desautels
    Chief Technology Officer - Netragard, LLC
    Office: 617-934-0269 || Mobile : 857-636-8882
    http://www.linkedin.com/pub/1/118/a45
    http://www.netragard.com
    -------------------------
    "We make IT secure."



