Slashdot Mirror


Screensaver Bug in Mac OS X

dave1212 writes "Still too early to tell, but there seems to be a screen saver password exploit in Mac OS X. It was discovered and postedon the Full Disclosure list earlier today. Theories, personal tests, and rumours abound, with some success stories, and the possibility that it could affect all Cocoa programs. Speculation points toward a 2048 character buffer, with people using the emacs shortcuts Ctrl-K and Ctrl-Y to fill the text field in under half a minute."

35 of 452 comments

  1. Finally, there's no objection! by HomerNet · · Score: 5, Funny

    A full, easily exploitable security hole in MacOS X. Now all those windoids will have no reason not to switch, as MacOS X now provides all the features of Windows, including a security hole.

    --
    I have no tag line
    1. Re: Finally, there's no objection! by Black+Parrot · · Score: 3, Funny


      > A full, easily exploitable security hole in MacOS X. Now all those windoids will have no reason not to switch, as MacOS X now provides all the features of Windows, including a security hole.

      And think how much faster the exploits will run on a G5!

      --
      Sheesh, evil *and* a jerk. -- Jade
    2. Re:Finally, there's no objection! by Alsee · · Score: 4, Funny

      > Now all those windoids will have no reason not to switch, as MacOS X now provides all the features of Windows, including a security hole.

      I'm sorry but you're going to have to provide support for more than a single security hole before you convince me to switch. Windows has a proven track record of reliable security holes in almost every portion of the system, everything from E-mail to wordprocessors to Plug-N-Play and more.

      -

      --
      - - You can't take something off the Internet! That's like trying to take pee out of a swimming pool.
    3. Re:Finally, there's no objection! by fireman+sam · · Score: 5, Funny

      The real reason that Apple didn't go with Linux is because they had a conversation with RMS. The outcome of which would have resulted in the calling of the product GNU/Linux/OSX/Aqua. Apple just couldn't bring themselves to share the product name with any other company/entity.

      --
      it is only after a long journey that you know the strength of the horse.
    4. Re:Finally, there's no objection! by LittleBigLui · · Score: 3, Funny

      yeah, but you wouldn't call SunOS a UNIX. I mean, its name doesn't even end in an "x"!!

      --
      Free as in mason.
  2. Earlier Today.... by casings · · Score: 2, Funny

    Today meaning July 4th at 3:00 pm, this bug made its rounds on every major vulnerability database before slashdot even posted it... Why doesn't slashdot get its own vuln db? Or maybe a link to bugtraq: http://www.securityfocus.com/archive/1

    then we wouldn't have to get our vulnerability news a day late and a dollar short.

  3. Wow. by Duncan3 · · Score: 2, Funny

    Wow, a bug, who would have guessed software has bugs, oh, the horror.

    It's only news because OS X doesn't have heaps of bugs like everything else.

    I'd paste the list of current problems with glibc, but I only have DSL and it would take too long.

    --
    - Adam L. Beberg - The Cosm Project - http://www.mithral.com/
  4. I've tried it before on the screensaver ... by locohijo · · Score: 2, Funny

    and was able to crash it, dropping me into the desktop, now I've tried it too on the Log-in and was able to crash it, sending me into a full Darwin/BSD console, you'll have to login again for you to be able to access the console though ... but full screen console Mac ... this you've gotta see. w007!!!!

  5. Oh my god! by sageFool · · Score: 5, Funny

    Someone with physical access to your machine can access it!! WHO KNEW?! Call in the army reserve and physically secure access to all your machines!

  6. So...my cat by Spoticus · · Score: 5, Funny

    can hop up on the desk and crack OS X?

  7. Re:2 words by __aafkqj3628 · · Score: 2, Funny

    > This can be disabled in OpenFirmware,

    Doesn't that mean that it can also be re-enabled in OpenFirmware? But if they've got physical access to the machine, it's over pal.

    > and the user will never suspect you were there, because everything is just as they left it.

    Until you change their background, trash their home directory and fill their dock with millions of useless files.

  8. emacs in a password box... by ceswiedler · · Score: 5, Funny

    Hah! I knew it! Mac OSX isn't based on Mach or BSD at all! It runs on top of emacs!

    Actually, the thing that surprises me is that they managed to trim emacs down so it's only an operating system.

    1. Re:emacs in a password box... by evilviper · · Score: 2, Funny
      > Mac OSX isn't based on Mach or BSD at all! It runs on top of emacs!

      And they even managed to run a decent editor on top of it!
      --
      Slashdot gets worse every day... Pipedot: News for nerds, without the corporate slant
  9. Quick summary of article. by Anonymous Coward · · Score: 5, Funny

    It's been discovered that someone with physical access to your computer can access it.

  10. Very Good News for Me! by Doctor+Sbaitso · · Score: 4, Funny

    My local computer store has password-protected screensavers on all its demo Macs - now I'll be able to surf the web for... ahem... "those" sites... when the store employees aren't looking!

    --

    ---
    Hello, Slashdot user. My name is Dr. Sbaitso. I am here to help you.
    1. Re:Very Good News for Me! by Lord_Dweomer · · Score: 4, Funny
      "My local computer store has password-protected screensavers on all its demo Macs - now I'll be able to surf the web for... ahem... "those" sites... when the store employees aren't looking!"

      Yes, but please be thoughtful of other people who might happen to see the screen while you're on the site....Besides, you can go to www.msn.com from home anyways.

      --
      Buy Steampunk Clothing Online!
    2. Re:Very Good News for Me! by NotAnotherReboot · · Score: 4, Funny

      Type in goatse.cx links in a Safari window and put the screensaver back on. Allow unsuspecting employees to turn off the screensaver and hit enter.

    3. Re:Very Good News for Me! by Trurl's+Machine · · Score: 3, Funny

      I think they will be rather happy about that. How many times do visitors call them with this annoying "sir, can you unlock this screensaver, please"? (and then the inevitable "damned, where did I stick this post-it note with our current password"). I bet the whole instruction "how to crash the screensaver in 3 easy steps" will be pasted right at the entrance!

  11. Re:Why... by Waffle+Iron · · Score: 4, Funny
    > Is it always buffer overflows? :/

    Because extensive user testing has shown that some people can type their passwords so fast that even a GHz-class RISC processor can't keep up unless the password capture program is written in C. The system can fall behind if it takes more than a handful of opcodes per character in the inner loop. Unfortunately, these performance constraints preclude checking array bounds between each typed character.

    It's regrettable that we have to live with risks like these, but we have little choice when dealing with data input at these kinds of speeds.

  12. The Postedon by sharkey · · Score: 2, Funny

    Mortal enemy of the Mastodon!

    --

    --
    "Outlook not so good." That magic 8-ball knows everything! I'll ask about Exchange Server next.
  13. Yet another triumph for irony against stupidity... by Ho-Lee-Chow · · Score: 2, Funny

    > Oh, and OT, but this idiot can't write a sentance, there's no doubt he discovered this after falling asleep on the keyboard.

    Once again, our intrepid hero, known to his legions of fans as "Slashdot Grammar Nazi", fails to check his own grammar and spelling as he ruthlessly tears apart another post for...poor grammar and spelling.

  14. Re:Why... by Alsee · · Score: 4, Funny

    > a GHz-class RISC processor can't keep up unless the password capture program is written in C.

    How the hell did you get it to work in C? I had to hand roll the code in assembler and optimize the register allocations. You can also save a byte and a cycle on the loop if you take the branch-prediction microcode into account.

    -

    --
    - - You can't take something off the Internet! That's like trying to take pee out of a swimming pool.
  15. HERE's an even simpler hack by goombah99 · · Score: 3, Funny
    got physical access? good. then put in an install CD. boot it, and select change password from the menu. Ta Da.

    Oh you don't want to change the password? well then boot in single user mode and you don't need one. Ta Da

    Oh they left open firmware on? open the case and remove one of the memory cards. reboot. ta da!

    --
    Some drink at the fountain of knowledge. Others just gargle.
  16. i saw this in a movie by cyberrodent · · Score: 3, Funny

    that's how Mystique hacked into that government computer in Xmen 2 -- and I'm pretty sure that's how Jeff Goldblum hacked into the alien ship too - only we didn't know it at the time because os X was only released to celebrities at that time.

    (and that's why he did those commercials too!)

    cyberRodent

    --
    Talk is cheap. Supply exceeds demand.
  17. Re:Why... by Anonymous Coward · · Score: 2, Funny

    Yep. Seconf only to typos that make you look like an idiot.

  18. Revenge of the drinking bird by gotr00t · · Score: 4, Funny
    Like how Homer Simpson got his "drinking bird" to cover for him by constantly pressing 'y' while he went to the movies, you could do the same thing. Have one of those drinking birds continually tap a single key over and over again while the Mac is in screensaver mode, and EVENTUALLY, it will terminate due to this bug.

    It probably didn't work for you because you didn't type enough stuff. Go buy a drinking bird.

  19. Re:Bug Sure, Security bug no by Blondie-Wan · · Score: 2, Funny
    > You could encrypt the root filesystem, then on boot authenticate the machine (to make sure someone didn't just clone the startup to harvest your decryption key) and then enter the decryption key based on a one time response from the computer. That level of paranoia would justify caring about this "exploit." Even so someone could just install a sniffer inside the computer since our hardware is not hardened in the least.

    Maybe you could, like, lock the door to the room with the Mac in it...

  20. Re:Graphical login screen by Trusted+Content · · Score: 2, Funny

    Right, because, you know, OS X uses X11 as its windowing system and to log in users.

    I almost forgot.

    STFU, n00b. You're way out of your league on this one.

    --
    OMG OMG LUNIX OMG
  21. There are worse... by FooGoo · · Score: 2, Funny

    But every time I try and type it into my Mac Steve's head fills my 23" cinema display and tells me I need to listen closer to the next keynote. I think it's a security feature.

    --
    People who bite the hand that feeds them usually lick the boot that kicks them
  22. Doesn't work at all! WTF? by EvilStein · · Score: 5, Funny

    I got drunk last night and passed out at the keyboard and came 'round *six hours later* - a lot longer than the 5 minutes needed for this "exploit" and I STILL couldn't get into my Mac OS X box.

    Couldn't find any more beer, and I couldn't find my pants, either.. but that's another story.. grrr

  23. Re:Why... by LittleBigLui · · Score: 3, Funny

    you can't imagine how much the resource usage can be optimized by constraining the password to 4 letters max, only caps, and only letters from A to D, no numbers or other symbols. By imposing those limits on the passwords you could implement range-checking and avoid any and all buffer overflows, hence making the system WAY MORE SECURE!

    --
    Free as in mason.
  24. Re:Hey! I'm famous. by Lev13than · · Score: 5, Funny

    > If OS X was truly open source, we'd probably be patching our machines right now, instead of impotently discussing this on slashdot.

    True, except you wouldn't be able to run Fink to download the screensaver patch until you figure out why your computer crashes every time you type with your hardware-hacked keyboard. You suspect that it's because your version of OpenAqua is creating conflicts with GND (GND's Not Darwin), but you can't go online to check because the web forum doesn't support OnSafari 0.1.2.33a.

    --
    When you have nothing left to burn you must set yourself on fire
  25. Re:Try Xlock! by swdunlop · · Score: 2, Funny

    Invest in a safe. The only way to properly control access to a computer is to airgap it, lock it in a container, then post several rabid animals to guard the container. Even then, this is no guarantee, but the annoyance factor should be high enough to protect grandma's secret cookie recipe.

  26. Re:Hey! I'm famous. by Anonymous Coward · · Score: 1, Funny

    I told you not to download the patch from that angelfire page. But noooo, you felt the Redhat official mirrors were too slow.

  27. Re:Hey! I'm famous. by dwillden · · Score: 2, Funny
    > Well, perhaps you would be patching your machine if OS X were open source, but let's face it: 99,9% of Linux users never patch their OS manually (i.e. edit source code and recompile).

    What????, You mean there are other ways to update my Linux distro, other than manually retyping every line of code each time there is an update?

    --
    I'm too lazy to compose a creative sig.