Linked by Thom Holwerda on Tue 28th Jun 2011 22:16 UTC
Apple With all the news about Anonymous, LulzSec, Anti-Sec, and so on, you'd almost forget there are more ethical hacking groups out there as well. One such group, YGN Ethical Hacker Group, informed Apple of several weaknesses in its developers website on April 25. Apple acknowledged the flaws, but so far, hasn't done anything about them. YGN Ethical Hacker Group has now stated they will fully disclose the vulnerabilities if Apple doesn't fix them in the coming few days.
Thread beginning with comment 478996
To read all comments associated with this story, please click here.
What is gained?
by kaelodest on Wed 29th Jun 2011 00:12 UTC
kaelodest
Member since:
2006-02-12

OK ya made me change my password, I do that every 90 days. And I will readily admit that developers, are sometimes (more often than we as a body will admit) - to often running as admin, but AGAIN as in any unix I will make another account; say Test2 and login. Is is still happening? No? well that is unix. || Yes <infected> well, boot to a CD and work your recovery plan?
-=- Yes I offer that Many recent 'Apple Developers' are green & do not know a buffer overrun from 'free software' on warez sites, well let them feed the bigger fish. I am in This MacOS thing for the Long Haul. And Yes I see the Mac Market is Low Hanging Fruit (over trusting) and having deep pockets, BUT the *nix level security ( while heavily flawed ) seems adequate.
As I said before -Easy Hacks\Tricks - seem easy because they capture the low end of your target. How exactly do you intend to get my root password AND my credit card number? Proof of concept means the same thing as saying I might-could get with that girl. Show me the case where this 'exploit' if released did do something, or call it linkbait/end of Month-end of Quarter

Reply Score: 1

RE: What is gained?
by Bill Shooter of Bul on Wed 29th Jun 2011 23:51 in reply to "What is gained?"
Bill Shooter of Bul Member since:
2006-07-14

I'm afraid I don't think I understand what you are talking about. Its not quite clear.

I think you are questioning if an arbitrary redirect is a real vulnerability. Is that right?

Well, take a look at this and see if it changes your mind:

https://www.owasp.org/index.php/Top_10_2010-A10

Its true that not every vulnerability will or even can lead to an exploit, but its a better idea to just fix the potential problems than waiting for someone to successfully be scammed. But make no mistake this is a vulnerability that can and will be exploited if it is not fixed.

Edited 2011-06-29 23:53 UTC

Reply Parent Score: 2

So what happens when it get's patched
by kaelodest on Thu 30th Jun 2011 00:24 in reply to "RE: What is gained?"
kaelodest Member since:
2006-02-12

thanks for the insight, however I will still arrive at the original position. If one Tricked a user into a malware install then that is cute but it is not an exploit. An unpatched Mac will not go 'zombie' on it's own. An unpatched Linux install will not go rogue - BOTH will expect admin access. Servers *could-possibly* be set to auto update and reboot but that is NOT the default Linux install. AND that is what SACLs and Service accounts are for. Meanwhile Windows still does the same old same old (Security as a Rogue Process) and promises us that this time it will be different.
No. All OS's vulnerabilities are eploitable or even well documented, but only one vendor/(Kernel+HAL) has so many holes. Sure it will all be fixed in the next version of windows but I cannot escape the feeling that calling out the Mac OS or ANY other OS for security every July is exactly Linkbait.
(•_~)I am once again speaking about a properly configured unit. I would never run a Windows box on the web in the default settings as the Admin account. YES that is how the Mac OS Ships but if that is the case then where are the worms and root-kits. My position is that the proof is in the pudding.
-=-If I run a non-admin client for 24 hours clean and it is 'safe' 89.1% in *nix and 100% infected at the end of the day in Dot-Net or Active-X then that IS no reason to call out the MacOS as being exploitable with no "Out of Lab Exploits" - You know like a Mac with no browser open going zombie on a non admin box, Prove it.

Reply Parent Score: 1