Clever #
Posted Wednesday 21st January 2009 09:15 GMT
Of course, the obvious solution is to randomize the location of the dynamic linker as well.
Posted Wednesday 21st January 2009 09:15 GMT
> "It's so easy to use," Miller said.
I guess it "just works"
Posted Wednesday 21st January 2009 09:15 GMT
Simply by randomizing the load location of 'dyld' at boot time. If Iozzo is a responsible person - and not some headline-grabbing hack - he has reported this to Apple and they have been working on a fix that will precede or arrive simultaneously with his announcement. This is not the exploit you are looking for.
Posted Wednesday 21st January 2009 09:15 GMT
Just to prove I was listening..... Isn't random memory location of the dynamic linker one of the new security features believed to be in Snow Leopard - in which case this vulnerability goes away again :-)
Posted Wednesday 21st January 2009 09:39 GMT
Interesting - you can encrypt your VM in Mac OS X, so this means that if you use that particular security measure to protect your data from snooping, forensics will have no chance of detecting this exploit at all.
@ 2nd poster in the thread - Apple has known about the limitations of its memory randomisation since Leopard was first released and no, they won't fix it soon in 10.5.x or before the hack is revealed, but they are fixing it for 10.6
Posted Wednesday 21st January 2009 10:26 GMT
So your "fix" is to shell out hard earned cash and buy a newer release of the operating system???? I'm sorry, but I would've said that's worthy of M$, but even they patch older OS's! Apple better fix this retroactively...
Posted Wednesday 21st January 2009 10:45 GMT
"It's only a matter of time".
People have been saying that for 8 years now. Still nothing's happened.
Posted Wednesday 21st January 2009 10:45 GMT
So, the Mac I use daily is not invulnerable to attack. That's not really news, is it? Apple were late to introduce address space randomisation, so it's no surprise that it isn't perfect yet. But like Microsoft, we should probably applaud them at least for acknowledging the problem (well, as much as Apple ever do, in that we can guess they've acknowledged it long after the fact from their subsequent actions) and beginning to tackle it?
Posted Wednesday 21st January 2009 11:36 GMT
This is not exactly about 'vulnerability' as it is commonly understood, and therefore,
YES I would say this is news, and NO I would not say apple has to fix it right away,
unless doing so requires only a regular fix, which, in all my ignorance, I doubt.
Posted Wednesday 21st January 2009 12:05 GMT
And if it's so easy, this kind of attack happens all the time on Linux then, does it?
Posted Wednesday 21st January 2009 13:52 GMT
Yet another theoretical threat to OS X scraped from the bottom of a hypothetical barrel in response to a real world, live as we speak Windows virus attack.
Every time we get an attack on Windows some security researcher finds a vuln in OS X.
Coincidence? Couldn't possibly be. They wouldn't dare be that predictable. Ain't that right kids?
Posted Wednesday 21st January 2009 15:02 GMT
So, let's get this clear:
a- If there is currently a vulnerability in an application, and
b- if your system is unpatched, and
c- if you executed a program with a malicious payload, and
d- if this malicious payload took advantage of the new stealth technique
THEN you'll get infected, and it will be very hard to trace it using common forensic techniques.
That's a tall order right there. The current situation is at "c", and malicious programs and infections are not that common. The new factor of stealth will not necessarily influence the availability of malicious attacks, only their detection.
You still need that proverbial virus that we've been promised.
-dZ.
Posted Tuesday 27th January 2009 10:54 GMT
Just use one of the many numerous and unpatched vulns in iTunes or Safari.
The only reason Mac virii are rare is the same as Linux virii - nobody can be bothered when there are more Windows users.