Re: Ha Ha, told you so! [was Re: Mac OS X hacked under 30 minutes]

In article <C035A331.18829%wally@xxxxxxxxxxxxxxx>,
Wally <wally@xxxxxxxxxxxxxxx> wrote:

On 9/3/06 7:27 AM, in article
jtmckee-650269.16274908032006@xxxxxxxxxxxxxxxxxxxxxxxx, "Josh McKee"
<jtmckee@xxxxxxxxxxxxxxxxxxxxxxxx> wrote:

In article <C034C6E9.186DA%wally@xxxxxxxxxxxxxxx>,
Wally <wally@xxxxxxxxxxxxxxx> wrote:

On 8/3/06 8:22 AM, in article
jtmckee-0E258F.17224807032006@xxxxxxxxxxxxxxxxxxxxxxxx, "Josh McKee"
<jtmckee@xxxxxxxxxxxxxxxxxxxxxxxx> wrote:

<snip>


I am not saying that it wasn't the vector used to exploit the system.

Then it would appear we agree!

That's a very real possibility.

Again we agree!

However once this came to light all the
Macintosh cheerleaders immediately concluded that this HAD to be the
vector.

I disagree! many provided valid reasons, and info pertinent to this
discussion which was in stark contrast to Edwin's OP, Look at the
conclusions contained in Edwin's OP you appear to have little trouble
accepting them!. why is that? Are you not able to read his post in the
same
critical manner that you read other peoples? Others comments certainly
concluded this had to be why Edwin's optimism regarding the Macs
vulnerability was in error, as there was a real possibility that this
exploit hinged on having account access, therefore wrt OS X's relative
safety nothing has changed except as far as is known in this isolated
case!

If this is not the case then we can expect to be reading about it shortly
when a Mac is compromised that had not issued account access, if no such
compromise is forthcoming then it seem fair to assume that the access
given
made the difference and those that suggested that will be vindicated!

Only if the two systems were configured identically.

Of course! unless you are including this granted access as part of the
configuration!

The original "challenge" means nothing since we don't know the details.
We don't know what services the system had exposed nor do we know the
nature of the exploit used to gain root access. In reality we don't
really know if there ever was a compromise.

As I said above.....
"If this is not the case then we can expect to be reading about it
shortly
when a Mac is compromised that had not issued account access, if no such
compromise is forthcoming then it seem fair to assume that the access given
made the difference and those that suggested that will be vindicated!"

I'm asking for some facts to support that instead of speculation
by a bunch of Apple zealots (who seem to ignore the seriousness of a
privilege escalation in the zeal to "prove" that this wasn't a
compromise due to a flaw in one of the network enabled services on the
system).

Why do you expect additional facts from those that are merely pointing out
what logic dictates to them given the available data when facts from the
intruder are as rare as Hens teeth?

Because those people are passing speculation off as fact. Ever since
Dave pointed out that one could obtain an account on the system the Mac
cheerleaders began clamoring that the compromise was a privilege
escalation

Why is that not a fair assumption?

I didn't say it wasn't a fair assumption. But it *is* only an assumption.

Given that no machine can be shown to have been compromised without that
feature? Noting that to date it is still little more than conjecture to
suggest that even with this feature the conditions of the test have been met!

IMO the original "challenge" leaves much to be desired. I put no
credibility in its "findings".

and ignoring the real possibility that the compromise may
have been the result of an exploit of a network enabled service in spite
of the fact that one could obtain a local account.

If that is the case then as I said earlier we WILL experience further
exploits!

How do you know it hasn't already happened?

When/if a full explanation is given as to how this exploit was achieved
then
it can be assessed as to how significant the access given was! until shown
otherwise OS X's relative safety is as it has always been this exercise
has
changed nothing for the rest of us who do not hand out accounts on our
machines arbitrarily! and contrary to Edwin's assertion most people would
not do such a thing regardless of what their chosen platform is! So market
share is irrelevant!

I've got a Windows 2003 server sitting naked on the Internet with an
invitation to hack it (71.56.240.67). Been up for almost 24 hours with
no exploit.

With all due respect Josh you may be in need of an ego realignment if you
consider your challenge issued in this ng is anywhere near as enticing as a
competition to crack a Mac worldwide!

According to the Mac zealots it doesn't take much to crack a Windows
system. Therefore it doesn't have to be anywhere near as enticing.
According to you guys just putting it on the Internet is all it takes.
Yet here it is...sitting naked on the Internet just shy of 24 hours with
no issues.

Once the content is over and assuming that it remains
uncracked will you concede that Windows is just as secure as OS X?

Josh

That would be a tad silly on my part considering the evidence to the
contrary...

The evidence will be exactly the same as what the UoW provided: Nothing.

Tom elam wrote...

"Windroids, your OS of choice has so many Archilles heels it's not even
worth trying to count them. On this machine I have had 128
security-related Microsoft OS and Office updates since 2/27/04. That
is not a record to be very proud of. A less savvy user would have run
into many of the issues some of you deny exist. In spite of all the
precautions I still had a hijack of my home page and had my AV software
turned off. It took about 3 hours to fix that little incursion. Get
over it, Windows will never be as secure as the Mac until Microsoft
does what Apple did and totally re-write the OS to get rid of legacy
code and services."

All that I could honestly concede from your experiment is that it generated
little interest....BUT when you offer it up for worldwide scrutiny then you
may have something!

It's up for worldwide scrutiny. All are welcome to take the challenge.

Josh
.

Relevant Pages

  • Re: Ha Ha, told you so! [was Re: Mac OS X hacked under 30 minutes]
    ... jtmckee-6A078B.18384108032006@xxxxxxxxxxxxxxxxxxxxxxxx, "Josh McKee" ... when a Mac is compromised that had not issued account access, ... compromise is forthcoming then it seem fair to assume that the access given ... Dave pointed out that one could obtain an account on the system the Mac ...
    (comp.sys.mac.advocacy)
  • Re: Ha Ha, told you so! [was Re: Mac OS X hacked under 30 minutes]
    ... jtmckee-650269.16274908032006@xxxxxxxxxxxxxxxxxxxxxxxx, "Josh McKee" ... when a Mac is compromised that had not issued account access, ... compromise is forthcoming then it seem fair to assume that the access given ...
    (comp.sys.mac.advocacy)
  • Re: Script to access as user X
    ... passwords and privilege sets are set up on each FileMaker file ... The user that wants to open a FileMaker file has to have an account name ... That is true whether the user opens the file directly, ... On a Mac, the keychain can store the account name and password for File ...
    (comp.databases.filemaker)
  • Re: Ha Ha, told you so! [was Re: Mac OS X hacked under 30 minutes]
    ... when a Mac is compromised that had not issued account access, ... compromise is forthcoming then it seem fair to assume that the access given ... Why do you expect additional facts from those that are merely pointing out ...
    (comp.sys.mac.advocacy)