Tag Archives: MacOS

News Bites for the Week Ending November 23, 2018

Japan’s Cybersecurity Minister has Never Used a Computer

Yoshitaka Sakurada, the deputy chief of Japan’s cybersecurity strategy office and the minister in charge of the 2020 Olympic Games in Tokyo, says that he doesn’t use computers – basically, he has secretaries and employees to do that.  He also acted confused about whether Japan’s nuke plants use USB drives.

While a few people joked that he has mastered cybersecurity (which of course is not true unless he plans to shut down all of Japan’s computers), most people were amazed that the government put someone with absolutely no understanding of cybersecurity, never mind no expertise, in charge.  Source: The Guardian.

Suspect Remotely Wipes iPhone that Police Seized as Evidence

Juelle Grant is a suspect in a shooting in New York in October.  Police think she was the driver and hid the shooter’s identity and hid the gun.

Apparently Grant tried to out-think the police and used Apple’s find my phone feature to do a remote wipe of the phone.

The cops were not amused and charged her with tampering with evidence and hindering prosecution.  The police could have foiled her by putting the phone in a $1.00 foil bag.

That she was able to successfully do this is indicative of the uphill battle that police face in shifting from a world of cops walking a beat to a world of cyber experts.  Source: Apple Insider.

China’s Response to Tariffs – Increase Hacking

According to a U.S. government report released recently, China’s response to U.S. tariffs is to increase, not decrease, hacking.  The tariffs, which were put in place due to unfair business practices, including hacking, were supposed to get China to reduce hacking our intellectual property, but according to the report, they have in fact had the opposite effect.

The report says that Chinese hacking efforts aimed at stealing American technology and trade secrets have “increased in frequency and sophistication” this year.

The Chinese appear to be interested in stealing information on artificial intelligence and other technologies, and the increase includes a “sharp rise” in hacking against manufacturers.

What this means is that U.S. companies need to make an effort to protect themselves.  Source: Real Clear Defense.

Adobe Releases Yet Another Emergency Fix For Flash

In the “gee, what a surprise” category, the pile of Band-Aids (R) that some people call Adobe Flash released yet another emergency patch for a bug that would allow an attacker to run arbitrary malicious code on a user’s device by getting them to visit a web page that had, for example, a malicious ad on it.

Adobe has announced that they will discontinue support by the end of 2020, which means that we still have years of emergency patches in the wings, followed by hacks for new bugs that are never going to be patched.  Source: CyberScoop.

 

Just Visiting a Website Could Have Hacked Your Mac

A bug in Safari allowed an attacker to take over your Mac simply by getting you to visit some web page.  The bug, now patched, would have allowed an attacker to own any Mac.  The researchers released a video and proof of concept code now that the hole has been closed.  That, of course, does not mean that other hackers didn’t know about it already.

Attacks are getting more sophisticated as vendors try to lock down their systems.  This exploit used three different Mac bugs to take over your computer.

No user involvement was required after the user opened a web page in Safari.  Source: The Hacker News.

Apple is Trying to Catch up With Windows

Update: Apparently if you are running macOS 10.13 and apply the patch to fix the root problem and then upgrade to 10.13.1, that patch gets undone, so you have to reapply the patch.  In addition, the patch does not take effect unless you reboot.  Just another bit of the mess.

The Mac OS has generally been considered a secure operating system, but lately Apple has been trying to imitate their friends from Redmond, and not in a good way.

The first MacOS bug found recently is a new bug.  Linux and Unix administrator accounts are called ROOT, unlike Windows and other operating systems which call the account ADMIN or ADMINISTRATOR.  Apparently in the current version of MacOS, High Sierra, if you entered the user name of ROOT with no password, you got an error message, but if you entered it a second time with no password, it let you in with full administrative permissions.

Initially, people thought that this exploit required that you have local access to the computer, but it turned out that if you had remote access turned on, as many or most corporate computers do, the attack would work remotely as well.

Apparently the OS detected there was no ROOT account and created one with no password.  The quick fix was to create a ROOT account with a complex password.

Apple quickly created a fix that was automatically and silently installed (I guess that is both good and bad), but that fix broke some other things and Apple had to release a fix to the fix.  That second fix had to be manually installed and required some advanced gyrations on the part of the user.

The good news was that Apple was able to fix the bug quickly once they were told about it.  The bad news is that if a user’s PC was compromised before they installed the patch – which statistically is possible but unlikely – then the only solution is to wipe the disk and start over.

But this was only the start of last month’s problems for Apple.

The second MacOS bug, which also granted users unlimited ROOT access, had been around for at least a decade (sound like Windows again?), maybe two decades or more.

The person who found it was neither a professional hacker nor a professional security researcher, but rather a self-titled hobbyist.  This means that other people (and not the well-intentioned ones) could have known about it for 20 years or more.

The bug was in the IOHIDFamily software.  This software has been a problem child in the past.  The hobbyist who discovered it released a proof of concept for all of the hackers to follow at the same time he announced the bug.

As of 17 hours ago, Apple had yet to comment on it, but I assume that their engineers are busy working on how to fix it.

Right now it counts as a 0-day, and a nasty one.  0-days are bugs that were not (publicly) known about prior to the announcement.  Except that in this case, it was probably known about by others, such as the Chinese, Russians or American spies, and possibly exploited – maybe for many years.

For a while, Apple computers seemed to be immune to bugs.  I don’t think that is necessarily because the software is super secure, but rather because it is a niche player with a small market share (less than 8 percent according to NetMarketShare).  As other operating systems were attacked and started fixing bugs, MacOS became the next target of opportunity.

So, in this case, one bug is fixed, albeit a bit bumpily, and the other is still open.

Happy New Year Mac users!

Information for this post came from CNet, The Guardian and BetaNews.