Titel

Practical Mac OS X Insecurity

Security Concepts, Problems, and Exploits on Your Mac

Beschreibung

Some recent security problems with Mac OS X stem from the fact that Apple tries to combine the Unix security model with easy and convient usability and closed source. Showing examples from our own research we will take you on a pleasant journey to get root on almost any recent Macintosh. And of course, there will be "just one more thing".about this event: http://www.ccc.de/congress/2004/fahrplan/event/218.en.html

content

While rumors have it that Mac OS X is extremely secure due to its open-source Darwin core and the elaborate Unix security model, little is known about practical problems that hide under its hood. While the lack of serious worms and other malware for the Mac might give users a false sense of security, things aren't that pretty once you dig deeper in the system. SUID root programs, closed-source security components, and badly-chosen default settings pile up to a security nightmare waiting to happen.

We will give an overview of the problems, demonstrate example code, and give you an insight into communication problems with Apple support on security issues. Both problems with Mac OS X 10.3 (Panther) and the future version 10.4 (Tiger) will be addressed. As you can expect from any decent Apple presentation, be prepared for "one more thing".

Veröffentlichungsdatum

29 Dezember 2004, 15:00:00 +01:00

Quelle

https://cdn.media.ccc.de/congress/2004/video/218%20Practical%20MacOS%20X%20Insecurities.mp4

Beteiligte Person

Angelo Laub

Is Referenced By

21C3 Website

Nutzungsrechte

Creative Commons Attribution-NonCommercial-NoDerivs 2.0 Generic

Urheber

Chaos Computer Club e. V.

Rechteinhaber

Chaos Computer Club e. V.

Umfang

0:52:16

Typ

video/mp4

Tag

21c3

Hacking

Identifikator

ark:/45490/bvOA4U