Apple Gains New Fans - Hackers!

[DennyCrane]

It was only a matter of time before the world's hacker community began to focus their attentions upon Apple products. Now that more people are owning Apple products, it's becoming worth their time to go after iPhones and Macs.

Quote:

Originally Posted by Breitbart

Macintosh computers have been gaining market share and catching the interest of hackers, according to Zero Day Initiative (ZDI) security vulnerability analyst Cameron Hotchkies.
"There are more eyes looking over Apple products for vulnerabilities," Hotchkies told AFP at a notorious annual DefCon gathering of hackers in Las Vegas.
"It has slowly been growing as a target people are more and more interested in."
Hotchkies specializes in Apple software as part of a ZDI team devoted to scrutinizing programming holes and crafting "patches" to prevent hackers from exploiting weaknesses. More than a thousand people crammed into his DefCon talk about hacking Apple software. He was peppered with technical questions at the close of the session.

This boils down to this: The more popular your electronics are, the more suceptible you are to hackers. Don't throw away your old Amiga PC and 1980s brick phone yet.
iPhones-Macintosh computers become apples of hackers' eyes

[Craig]

I'm totally waiting for the first hack that takes down the unlocked (jailbroken) iPhones. those guys are just asking for it.

[DennyCrane]

Just fly to France for one!

Quote:

Originally Posted by Mobile Computer Magazine

After all the hoo-ha about unlocking, it looks like European users won't need to hack their iPhones at all if they want to use it on a network of their choice -- unlocked iPhones will be sold in France.

Apple announced yesterday that France Telecom (aka Orange in France) will be the exclusive operator for the Apple iPhone in France. The iPhone will be available from 29 November, for €399 with contract.

What it didn't announce was that as part of the deal, France Telecom will also be allowed to sell unlocked iPhones alongside subsidised handset sold with contracts. This is part of French law, as the France Telecom press release makes clear (albeit in French).

There were mutterings that Apple might not sell the iPhone in France as a result of this legal obligation, but it looks like it has finally given in. There's no word on pricing for the unlocked iPhone yet, but you can expect it to be rather more than €399...

The obvious hope is that anyone will be able to buy an unlocked French iPhone and use it on any network, but that presumes that the operating system will be available in languages other than French. It would be churlish (thought not unimagineable) for Apple to do this though, and I suspect that like most European smartphones, French iPhones will be reconfigurable to work in any European language.

[Dopefish]

Apple is prone to the same vulnerabilities as Linux or FreeBSD or any OS that relies on free, open-source libraries. OpenSSH, OpenSSL, Apache, etc. If an exploit is released for any of those, it's going to affect any OS that is running them. Mac OS X is no exception. Then you add on Mac OS X's own libraries and other dependencies, and there is potential for more problems (if someone manages to break in in the first place).

I think OS X is still far more secure than Windows. It's just the design and nature of their libraries, security, privileges, etc. If an exploit comes out for OpenSSL, the OpenSSL team patches it, if someone else doesn't patch it first. Apple just takes that patch or updated version and releases it in a security update. When something comes out for Windows, who really fixes it? Microsoft's stance is security through obscurity. They'll let slide what they can and patch what is absolutely necessary.

Anyway, the best security measures you can take is with yourself. Don't use an administrator account. Don't have servers or unnecessary things running in the background. Firewall off what you can. There's lots of simple things the end-user can do that will complicate everything a lot more for a hacker. It's kind of like car thieves. If they see a Honda Civic with no security next to a BMW packed with security, which do you think they're going to hit? They go for quick, simple, painless jobs. If you lock down your stuff, it's just going to make them go after another system instead. Unless, of course, you piss someone off.

[BuddhistSoldier]

Hackers bring it first... as soon as companies start developing what people want, then we'll stop hacking

[Kage]

So does this mean Mac Legionaires wont use the Virus excuse as to why macs are better? I hope so.

[Dopefish]

No. Macs cannot get viruses. It's just not possible. It's the same with Linux or BSD. Their architecture just doesn't allow it to work.

[DennyCrane]

You might want to edit that statement... Macs do get viri, and they do damage.

[DigitalDD]

the problem with the old analog cell phones was always the lack of encryption. all you needed was the IMEI and ESSID and an eprom burner and you could make your phone masquerade as another phone in effect making it a remote extension. Some of the last batch of cell phones that were analog only could do this via software by punching in the right codes. That's one thing that makes me not want to go back to analog cellular.

yeah having more people with your systems does tend to make you more vulnerable to attacks, Apple is now getting a taste of what others have had to deal with for some time. and more things like Apple's flawed DNS patch will see the light of day.

[Dopefish]

Quote:

Originally Posted by DigitalDD

...and more things like Apple's flawed DNS patch will see the light of day.

This flawed DNS patch is hardly a flaw. It only affects your client-side DNS cache. If someone manages to get on your system to poison your local DNS cache, you have MUCH greater security issues at hand.


Denny,
I don't know what you're talking about. Perhaps you should provide links to articles about these viruses that do damage?