Archive for the ‘Security & Maintenance’ Category

Why are there no viruses for OS X

Posted on July 2nd, 2009 in Mac OS X, Security & Maintenance


Why are there no viruses for OS X?

  • OS X is built on UNIX. UNIX was a multi-user system with a security architecture built into it from the beginning. Windows came from a single-user architecture, with security and multi-user capability added as an afterthought.
  • UNIX had networking built into it from the beginning; again, in Windows this was bolted on at a later date.
  • Windows built Internet Explorer into the OS at a very deep level, and allowed code execution within the browser. In OS X the browser is a completely separate application; it's not an integral part of the OS. IMHO, this is the fundamental screw-up Microsoft made, as they created so many hooks through which someone can attack the OS.
  • In earlier versions of Windows everything ran as the system user, so compromising an entire system was easier. (see reason 1)

Read the rest of this entry »

Make Boot Camp’s NTFS Partition Writable

Posted on February 8th, 2009 in Boot Camp, Macintosh Tips & Help, Mods and Hacks, Security & Maintenance


Mac OS X doesn’t and will never support writing to NTFS, but this desperate situation isn’t impossible to fix… thank God.
Even better, the solution is easy!
All you need is to install two small packages: MacFUSE and NTFS-3G.

You’ll be surprised like I was to see the miracle happen after you restart!

Bonus trick: as a result of this trick, you will be able to modify the Boot Camp disk icon on your desktop…

Also take a look at this post: Renaming/Hiding Boot Camp Partition

MobileMe is NOT secure!!!

Posted on July 11th, 2008 in Security & Maintenance, dotmac & MobileMe


I can’t believe what I’m seeing!
The URL starts with a regular “http” instead of “https”!
There’s no “lock” icon in the right corner of Safari!
How can this be possible? Very bad days for Apple it seems…

Can someone please explain this to me?

ARD Patcher a fix to the ARDAgent Exploit in Tiger and Leopard

Posted on July 5th, 2008 in Security & Maintenance

ARD Patcher is a free utility that patches the infamous ARDAgent exploit in Mac OS X 10.4 and 10.5.
This is a fix for the exploit found a few days ago in Apple Remote Desktop.
It was an opportunity for antivirus companies to push people into installing their software on their Macintosh (business is business hehehe).
The software is also useful to test your Mac and see if it’s secure or not (as you can see in the screenshots below):

Download ARD Patcher here (162 Kb).

How to revive a dead Hard Drive

Posted on July 4th, 2008 in Security & Maintenance

If you are one of the numerous victims of MacBook and MacBook Pro hard drive failures, there is a glimmer of hope that you can still have your data recovered. It involves removing the hard drive from its enclosure, from the computer in this case.

Removing the hard drive from a MacBook is a breeze; it takes the good part of a few minutes. However, MacBook Pro owners will need some bravery, surgical precision and, of course, lots of time. Be aware that opening the MacBook Pro will definitely void your warranty.

Sometimes the drive heads get stuck in a parking bay and consequently your hard drive fails to read or boot. There is no clear indication that would help distinguish between this and a genuinely dead hard drive, but since it’s not working anyway, you can still give it a try. Often this fixes the issue.

Remove the hard drive from your computer and hold it on the palm of one hand. Give it one flat-handed brisk slap on the top of the drive. Just one. Then place it back into your computer and see if it worked.

If it’s still dead then it’s bad news. If it works – you have a decision to make; leave it as it is, and continue with your life like nothing ever happened, or get the data off the drive as soon as possible and get a replacement drive. It’s really up to you.

You’ve also learned about the benefits of backing up, so go on and get that external drive, they’re cheap as chips now, and back-up, back-up, back-up …

Extra Links at Apple.com:

http://support.apple.com/kb/TS1417

http://support.apple.com/kb/HT1379

http://support.apple.com/kb/HT1767

ARD Security Hole and 5 Solutions to Fix it

Posted on June 20th, 2008 in Security & Maintenance

This security hole has been discovered by Intego (like the previous one).

This one is due to Apple Remote Desktop (on Leopard and Tiger). This is a dangerous one because it allows users to execute scripts and commands as root (which allows a malicious user complete access to the system) even if you’re logged in as a non-root user!

Users must download and run the scripts in order for their computer to become infected. The trojan will install itself in the /Library/Caches folder, and will set itself to run at startup.

The problem is that ARDAgent has its setuid bit set and is owned by root, which means that it will run as root. Since it’s scriptable, any commands sent via AppleScript (including those sent remotely using the osascript command) will also run as root.
To see if your system is secure or not, try this:

tell application "ARDAgent" to do shell script "whoami"
If it says “root” your system is not secure…

You can also go further in testing the security of your computer by trying this:
tell application "ARDAgent" to do shell script "touch /test;chmod 700 /test"
A test file will be created in the root of your hard drive, on which you have no rights, but you can delete it by entering your administrator password!

If that’s the case, here are 4 solutions to protect yourself:
Read the rest of this entry »
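
The condition described above (a binary that is owned by root and has its setuid bit set) can be checked from the file's metadata without asking ARDAgent to run anything. The script below is an added example, not part of the original post or of ARD Patcher; the function names are hypothetical and the path to inspect is passed as an argument because the post does not give one.

```shell
#!/bin/sh
# Added example: audit files for the setuid-root condition described in the post.

# Numeric owner uid, taken from `ls -ln` so it works with both BSD/macOS and GNU ls.
owner_uid() {
    ls -lnd -- "$1" | awk 'NR==1 {print $3}'
}

# Classify one path.
# Prints: missing | no-setuid | setuid-root | setuid-uid<N>
classify() {
    if [ ! -f "$1" ]; then echo "missing"; return; fi
    # test -u is true only when the setuid bit is set on the file
    if [ ! -u "$1" ]; then echo "no-setuid"; return; fi
    uid=$(owner_uid "$1")
    if [ "$uid" = "0" ]; then
        echo "setuid-root"      # will run as root whoever launches it
    else
        echo "setuid-uid$uid"   # setuid, but to an unprivileged owner
    fi
}

# List every regular file under a directory that is setuid AND owned by uid 0.
audit_tree() {
    find "$1" -type f -perm -4000 -user 0 -print 2>/dev/null
}

# Usage: sh audit.sh <path-to-binary-or-directory> ...
if [ "$#" -gt 0 ]; then
    for p in "$@"; do
        if [ -d "$p" ]; then
            audit_tree "$p"
        else
            printf '%s: %s\n' "$p" "$(classify "$p")"
        fi
    done
fi
```

A result of "setuid-root" for a scriptable application is the combination the post describes.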

Beware of the Trojan!

Posted on June 20th, 2008 in Security & Maintenance

Hidden behind a poker game, this Trojan has been discovered by Intego.
Its name is PokerStealer. This Trojan comes in the shape of a poker game; it contains a shell script that will ask you for your password, pretending it will fix a preferences file in your system.
Once started, PokerStealer will activate SSH on your Mac and will send your IP address, your ID and your password to a remote server.
Then, a pirate will use this data to connect to your Mac: erase files, control your computer and do whatever he wants to do!

A Bunch Of Updates

Posted on April 3rd, 2008 in Apple Software, Security & Maintenance


iTunes 7.6.2, QuickTime 7.4.5, FrontRow 2.1.3, Keynote 4.0.3 and AirPort Utility 4.2.5 are available from Software Update.
It seems Apple is fixing some security issues with QuickTime:

Apple is quietly adding several key anti-hacker security features into its flagship QuickTime media player as part of a deliberate plan to reduce the effectiveness of malicious exploits

eWeek writes.

All of these updates fix security, performance and stability issues.

I guess we are getting used to having a FrontRow update with every iTunes & QT update.