Hacker's Mac pwning expedition: 'Help, I've got too many shells!'

Thursday 17th November 2016 07:43 GMT FuzzyWuzzys

Some people have way too much time!

1 0 Reply
1. Thursday 17th November 2016 07:48 GMT allthecoolshortnamesweretaken
  
  Yup. And it quite often results in posting on tech forums.
  
  14 0 Reply
Thursday 17th November 2016 08:41 GMT macjules

Those long summer nights must just roll by in New Zealand. Never mind, there'll be another LoTR spin off soon.

0 0 Reply
1. Thursday 17th November 2016 19:25 GMT Ashley_Pomeroy
  
  Alien Lego Terminator vs Predator: Lord of the Rings
  
  You know what would be awesome? Terminator: Lord of The Rings, in which a descendent of Saruman uses futuristic technology to send a Terminator back from the future to kill Frodo et al before they can drop the One Ring into Mount Doom.
  
  It would begin with the Terminator punching a dwarf's heart out. "Your mithril-mail - give it to me". Later on he would attack a tavern, with a crossbow in one hand and a sword in the other. In a bizarre twist it would be revealed at the end that the rings were actually forged from the debris of the exploded, melted Terminator chassis, or something.
  
  I would pay to see that.
  
  4 0 Reply
  1. Friday 18th November 2016 05:33 GMT macjules
    
    Re: Alien Lego Terminator vs Predator: Lord of the Rings
    
    @Ashley_Pomeroy Are you in New Zealand? You could give Peter Jackson that idea ..
    
    0 0 Reply
Thursday 17th November 2016 09:48 GMT David Roberts

No mention of the earth quakes

Presumably the conference is in an undamaged venue.

Grim weather as well.

Sympathy for Kiwis and visitors at the moment.

2 0 Reply
1. Thursday 17th November 2016 09:54 GMT TeeCee
  
  Re: No mention of the earth quakes
  
  Get some perspective.
  
  Yes they had some sort of earthquake thingy but somebody hacked a Mac!!!1111!!!!!
  
  3 0 Reply
  1. Thursday 17th November 2016 10:40 GMT sabroni
    
    Re: Get some perspective.
    
    I agree! El Reg should stop publishing tech articles until we've sorted out all the real problems in the world. Or at least until we've stopped the earthquakes!
    
    0 0 Reply
    1. Thursday 17th November 2016 19:01 GMT cd
      
      Re: Get some perspective.
      
      Everyone talks about earthquakes and computer security, but no one does anything about them.
      
      2 0 Reply
2. Thursday 17th November 2016 22:26 GMT Youngone
  
  Re: No mention of the earth quakes
  
  Thanks for the sympathy Dave Roberts.
  
  I live in Auckland, so have avoided having my house fall on my head, but friends in Christchurch are heartily sick of the shaking, even if there was limited damage this time. (In CHCH at least).
  
  The weather has been pretty ropey, it's true, but on the plus side, the first wee tomatoes have set and my Blueberries are beginning to come through too.
  
  0 0 Reply
Thursday 17th November 2016 12:59 GMT Anonymous Coward

The root of his problems

From the reporter's documentary webpage: "I’ve received a lot of phishing emails over the years, and this was the slickest one I’d ever seen—so slick, in fact, that I clicked on it even though I had promised myself I would be extra-careful while the hackers were targeting me."

2 0 Reply
1. Thursday 17th November 2016 13:25 GMT Mongrel
  
  Re: The root of his problems
  
  Cynically...
  
  "It would have been a damn short documentary if I hadn't clicked on the link"
  
  9 0 Reply
Thursday 17th November 2016 13:26 GMT Frank Bitterlich

Quick sum-up...

OK, let's see what we have here...

- Some social engineering

- One spearphishing email

- Lots and lots of "scary" demonstrations of what an attacker can do when they get root. ("OMG, they made my computer SPEAK TO ME!")

Anything new in this documentary? Hardly. Just the same well-known facts: If you can trick one person in handing over an account to an attacker, other accounts fall like dominoes. Duh. But the documentary (or rather, the article of the author/subject) fails to mention that there was hardly any classic "hacking" involved. If you can convice your mark to install malware on their machine, you can just as well try to convince them to hand over their laptop altogether. (You know, for "urgent repairs". Trust me, Apple sent me to pick it up.)

I'd rather like to know whether the people who fell to the social engineering calls were violating the rules, or if the protection/authentication rules of those companies are still not up to date.

One final thing: Both SSNs and credit card numbers are hard to keep secret. But yet they are still used as tokens of authentication, mainly in the US. As long as the majority of the people are content with keeping it this way, nothing will change (except the scope of breaches, which will continue to increase).

6 0 Reply
Thursday 17th November 2016 19:10 GMT Anonymous Coward

We can stop security hacking! It's very EASY to do!

Move to hardware IDIOTS!

http://www.atmel.com/tools/cryptoauthentication_ateccx08a_development_library.aspx?tab=related

SECURITY has been solved no one wants it!

Very funny state to be in, bitching your hacked and not using SECURITY in hardware.

Your all fools for using software SECURITY.

0 0 Reply
1. Friday 18th November 2016 00:22 GMT Kernel
  
  Re: We can stop security hacking! It's very EASY to do!
  
  You might get taken more seriously if you drop the shouty bits and fix the spelling/grammar mistakes.
  
  2 0 Reply
Thursday 17th November 2016 22:26 GMT Anonymous Coward

Dan Tentler demonstrates social engineering hack

Calling it 'Dan Tentler hacked writer Kevin Roose's Mac' is being a bit economical with the truth. The alleged Mac hack consisted of an email phishing msg that tricked him into going to a bogus squarespace site and and then installing some malware. A more interesting fact to take away from Defcon would be, what is the breakdown in reveue lost to online fraud by Operating System Platform.

2 0 Reply