Re: [Fed-Talk] OS X Hacked in 30 Minutes - The Truth
Re: [Fed-Talk] OS X Hacked in 30 Minutes - The Truth
- Subject: Re: [Fed-Talk] OS X Hacked in 30 Minutes - The Truth
- From: "Joel Esler" <email@hidden>
- Date: Wed, 8 Mar 2006 09:25:42 -0500
Just for sake of arguements sake..
They have debunked the notion that this was a true "hack" and left out
the important part about local priviledge escalation. Who says it was
even that now?
$ sudo su -
oooohh.. no!
On 3/8/06, Richard A. Kilcoyne <email@hidden> wrote:
> Make no mistake -- this 30-minute hack business was a ridiculous
> exercise. While Apple should be concerned that a hacker was able to
> gain access to this computer through a local account privilege
> elevation exploit, it's not a scenario that you'd see penetration-
> tested very often.
>
> On Mar 8, 2006, at 9:14 AM, Billy Lenox wrote:
>
> > Check this story out.
> >
> > http://www.vnunet.com/vnunet/news/2151455/false-hacking-report-prompts
> >
> >
> > On Mar 8, 2006, at 8:06 AM, Richard A. Kilcoyne wrote:
> >
> >> Something strange is definitely afoot. While the rash of recent
> >> security articles are based on a handful of press releases, when
> >> placed in the context of the computing industry things look
> >> interesting:
> >>
> >> 1) Vista is coming with purported "enhanced security"
> >> 2) For the first time in a long time (if ever), Macs are slowly
> >> but surely eating into Windows market share
> >> 3) For the most part, security in XP is a joke and this fact has
> >> gone mainstream
> >> 4) A/V vendors, under shareholder pressure to increase revs, are
> >> looking for new customers outside a saturated market (Windows A/V)
> >> 5) Linux is not a serious desktop contender
> >> 6) If Macs catch on like iPods, MS could be in for a really tough
> >> fight
> >> 7) Large media outlets such as CNN are picking up these stories --
> >> this doesn't happen by accident -- it takes momentum in its
> >> various forms
> >>
> >> There are other points that I thought of on the way home last
> >> night, but I can't recall at the moment. One thing is for sure --
> >> more ridiculous press releases are to come.
> >>
> >> Here's a question for you folks: Have many of you moved family
> >> members to Macs? After refusing to touch Windows PC anymore, just
> >> about everyone in my family has a Mac and I no longer get silly
> >> support calls. As a matter of fact, my father thinks his iBook is
> >> "boring" because there's nothing to tinker with -- it just always
> >> works as expected. :)
> >>
> >> Rick
> >>
> >> --
> >> Richard A. Kilcoyne
> >>
> >> Network Security, Code 5544
> >> Center for High Assurance Computing
> >> U.S. Naval Research Lab
> >> 4555 Overlook Avenue, SW
> >> Washington, DC 20375
> >>
> >> TEL: 202-404-1770
> >>
> >> NIPRNET: email@hidden
> >> SIPRNET: email@hidden
> >>
> >>
> >> On Mar 8, 2006, at 4:49 AM, Michael Pike wrote:
> >>
> >>> ZDNet Reported it, and it was a bunch of misinformaiton.
> >>> Thankfully a
> >>> university did another study, and here are the results:
> >>>
> >>> http://test.doit.wisc.edu/
> >>>
> >>> Again, the A/V companies are trying to capitalize on A/V software.
> >>>
> >>> DO NOT GIVE INTO THE PROPOGANDA!
> >>>
> >>> If you feel you need A/V software (and you very well may), it's free
> >>> and open source:
> >>>
> >>> http://www.clamxav.com
> >>> _______________________________________________
> >>> Do not post admin requests to the list. They will be ignored.
> >>> Fed-talk mailing list (email@hidden)
> >>> Help/Unsubscribe/Update your Subscription:
> >>> 40nrl.navy.mil
> >>>
> >>> This email sent to email@hidden
> >>
> >> _______________________________________________
> >> Do not post admin requests to the list. They will be ignored.
> >> Fed-talk mailing list (email@hidden)
> >> Help/Unsubscribe/Update your Subscription:
> >>
> >> This email sent to email@hidden
> >
> > _______________________________________________
> > Do not post admin requests to the list. They will be ignored.
> > Fed-talk mailing list (email@hidden)
> > Help/Unsubscribe/Update your Subscription:
> > 40nrl.navy.mil
> >
> > This email sent to email@hidden
>
> _______________________________________________
> Do not post admin requests to the list. They will be ignored.
> Fed-talk mailing list (email@hidden)
> Help/Unsubscribe/Update your Subscription:
>
> This email sent to email@hidden
>
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden