Jump to content
All visa questions and fresh Immigration updates here ×

New exploit leaves most Macs vulnerable to permanent backdooring

Chicog

By Chicog
in Apple Products

 Share

Recommended Posts

IMHO Platinum Member

IMHO

Posted
Posted (edited)

Guys, read smile.png

What this researcher is saying is that if we finds a way to execute code on a MAC, he can then modify the BIOS. To be honest, I didn't know that OSX was so locked up that apps with root access are not meant to be able to modify the BIOS - any Windows app can rewrite BIOS.


"To work, an exploit would require a vulnerability that provides the attacker with unfettered "root" access to OS X resources"

Edited by IMHO
Link to comment
Share on other sites
tominbkk Platinum Member

tominbkk

Posted
Posted

It can't possibly be true can it ? What will all those smug mac users do when a poor Windows user who has a problem and posts on here do now ?

They can't just post

" GET A MAC " now can they whistling.gif

Haha you are pitiful.

Link to comment
Share on other sites
Chicog Star Member

Chicog

Posted
  • Author
Posted

Guys, read smile.png

What this researcher is saying is that if we finds a way to execute code on a MAC, he can then modify the BIOS. To be honest, I didn't know that OSX was so locked up that apps with root access are not meant to be able to modify the BIOS - any Windows app can rewrite BIOS.

"To work, an exploit would require a vulnerability that provides the attacker with unfettered "root" access to OS X resources"

Editing Fail:

To work, an exploit would require a vulnerability that provides the attacker with unfettered "root" access to OS X resources. Such vulnerabilities aren't always easy to find, but they're by no means impossible, as demonstrated by the Rootpipe privilege escalation bug that came to light late last year. Vilaca said a drive-by exploit planted on a hacked or malicious website could be used to trigger the BIOS attack.
Link to comment
Share on other sites
IMHO Platinum Member

IMHO

Posted
Posted

Guys, read smile.png

What this researcher is saying is that if we finds a way to execute code on a MAC, he can then modify the BIOS. To be honest, I didn't know that OSX was so locked up that apps with root access are not meant to be able to modify the BIOS - any Windows app can rewrite BIOS.

"To work, an exploit would require a vulnerability that provides the attacker with unfettered "root" access to OS X resources"

Editing Fail:

To work, an exploit would require a vulnerability that provides the attacker with unfettered "root" access to OS X resources. Such vulnerabilities aren't always easy to find, but they're by no means impossible, as demonstrated by the Rootpipe privilege escalation bug that came to light late last year. Vilaca said a drive-by exploit planted on a hacked or malicious website could be used to trigger the BIOS attack.

I quoted the only real truth - which they cleverly surrounded with enough puff to make an exploit seem possible, in order to justify the puff piece it is :)

Link to comment
Share on other sites
IMHO Platinum Member

IMHO

Posted
Posted (edited)

And just to further solidify my point, here's a quote from the Rootpipe story:


Based on the extremely limited information available, there's no indication that Rootpipe can be exploited remotely

so as Ars continues on talking about drive-bys, what they're actually doing is talking out of their Ars with hypotheticals wink.png

Note: I admin just over 90 Macs, but I also admin over 190 Windows servers, and another 30+ linux servers (static - dynamic boxes scale into the 1000's) There is always a correct tool for the job. On the desktop, Windows is a farqing nightmare though, no question, no doubt. They make great servers though, so long as you firewall them with proper hardware.

I should also point out we also have 4x Windows Desktops for a special dept. - those 4 boxes take up 99% of my desktop admin time.. the 90+ Mac's take up the other 1%, and that's just pushing out OS updates and the occasional VPN setup or App install.

Edited by IMHO
Link to comment
Share on other sites
uksomchai Apprentice Member

uksomchai

Posted
Posted

It can't possibly be true can it ? What will all those smug mac users do when a poor Windows user who has a problem and posts on here do now ?

They can't just post

" GET A MAC " now can they whistling.gif

Haha you are pitiful.

NO ! Just someone with a sense of humour you appear to lack but as you are probably a Mac user it is understandable thumbsup.gif

Link to comment
Share on other sites
tominbkk Platinum Member

tominbkk

Posted
Posted

It can't possibly be true can it ? What will all those smug mac users do when a poor Windows user who has a problem and posts on here do now ?

They can't just post

" GET A MAC " now can they whistling.gif

Haha you are pitiful.

NO ! Just someone with a sense of humour you appear to lack but as you are probably a Mac user it is understandable thumbsup.gif

Oh was that humor? I thought it was just another senseless anti-mac posting.

I use PC and Mac, PCs for the first 20 years, Macs in the last 5. I DO NOT miss the constant trouble shooting getting Windows to work, keeping viruses away, etc. I have three macs and have never had a problem with any of them in 5 years of lots of use.

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.







×
×
  • Create New...