Slashdot Mirror


FBI Agent Talks Crime, Macs

hype7 writes "There's an article at SecurityFocus describing a visit by an FBI agent to Washington University. His visit was ostensibly about computer security and the general public's complete lack of any idea on computer security whatsoever: 'I have spent a considerable amount of time in the computer underground and have seen many ways in which clever individuals trick unsuspecting users. I don't think most people have a clue just how bad things are.' His talk ranged from some of the pranks he's seen played on unsuspecting users, to Eastern European extortion of big banks." WeakGeek added, "FBI security guys are using Macs because, 'those machines can do just about anything: run software for Mac, Unix, or Windows, using either a GUI or the command line. And they're secure out of the box.' Another good quote: 'If you're a bad guy and you want to frustrate law enforcement, use a Mac.'"

14 of 654 comments

  1. Forget Macs... by herrvinny · · Score: 3, Insightful

    ...what about BeOS? BSD?

  2. Re:Apple's in the news now... by CODiNE · · Score: 3, Insightful

    I think the problem is they haven't yet gotten all the protocol worked out on this... the HFS+ file system causes some problems. Really they can boot those Macs into FireWire target disk mode and dump them quite easily. Maybe an Open Firmware password is blocking that; there are steps to disable this also, perhaps it's just fear of the unknown. ;-) I think most of the criminals they run into are running Windows or Linux, price reasons and such... parents' basements. ;-)

    --
    Cwm, fjord-bank glyphs vext quiz
  3. Vendor Integrity? by Anonymous Coward · · Score: 3, Insightful

    I would not trust an "out of the box" install of any OS.

  4. But seriously . . . by aynrandfan · · Score: 3, Insightful
    What the hell would J. Sixpack rather do:

    1) Watch TV (lord knows what . . .)

    2) drink some booze and hang with the buddies

    3) read about Internet Security so he doesn't go around spreading some damn garbage around to everyone else.

    Numbers one and two likely describe your average user, number three is generally the type of person reading slashdot. I guess we need to get security "cool" now for people to take notice.

    --
    "Ours was a free culture. It is becoming much less so."-Lawrence Lessig

  5. Re:Security by Obscurity? by Anonymous Coward · · Score: 5, Insightful

    They're only secure because, with such a minimal share, nobody cares about breaking into one.

    Bullshit. Market share has nothing to do with it. There's at least as many Apache-based servers out there as IIS, but there are like 2 Apache worms.

    And frankly, there are enough Mac-haters around that surely some would like to take Apple down a peg via a virus or some sort of exploit in OS X. How come it's never happened? How come in three years there hasn't been a single OS X virus discovered?

    Apple have had several fixes just in the last few months fixing remote root access vulnerabilities.

    Yeah, and the difference is, they were found and fixed without being maliciously exploited. Most of them were very unlikely to be exploited anyway, or were found in services that were off by default. The last one I heard about would allow a brand new machine to get owned if a rogue DHCP server happened to be sitting on the LAN. Yeah, that's likely to happen.

    Contrast this with Windows, where shit is wide open by default, and the first anyone hears about a hole is usually when it has already brought the internet to a crawl. Not that patches for exploits do any good when people don't apply them-- I just took a look in my firewall logs, and I'm still getting Nimda and Code Red infection attempts.

  6. My experience with law enforcement... by epiphani · · Score: 4, Insightful

    is that they are technologically impaired halfwits. If they would actually take the time to hire *real* computer experts, maybe they would have a little bit more success in stopping something.

    In the past, I could send them detailed logs, including TCP dumps, of people controlling DDOS networks, threatening people, bragging about committing DDOS. And nothing would happen. More recently, a friend of mine had serious threats to her and her child from a stalker - who authorities proceeded to track to Atlanta. But they seemed to miss the fact that he was repeatedly coming from a dialup IP address in Toronto.

    Law enforcement on the internet needs to be put into the hands of a capable multinational group with laws that are defined to cross borders. Until then, DDOS kiddies will still be running around quite loudly proclaiming their existence.

    --
    .
  7. Sensationalism by zerocool^ · · Score: 3, Insightful

    I have spent a considerable amount of time in the computer underground and have seen many ways in which clever individuals trick unsuspecting users. I don't think most people have a clue just how bad things are.

    Seriously, to me this sounds like sensationalism. Like, a good sound bite to attract attention. If you tell people that things are worse than they could ever imagine, you're not going to do much except scare people. And most of the time it's not that bad.

    I'd like to think that (like most slashdotters) I'm not unaware of what goes on in the "computer underground". I'm not in it, but it's not like I'm ignorant of the fact that it exists. The tools on packetstorm are enough to scare any non-tech person into submission, if they knew what they could do, yet I don't lose sleep over it.

    I'd like to think that, while there are lots of "dumb" users out there, there are a lot of us tech guys, the guys behind the switches and administering the servers, who are looking out for them, much like shepherds.

    There are a couple of simple rules to follow:
    1.) If it's on the internet, it can be hacked.
    2.) If it's backed up, it can be restored.
    3.) If it's patched, it's less likely to be exploited.
    4.) Ease of use and security are inversely proportional.

    I don't resent people like my mom who wouldn't know spyware from cookware. I do what I can for her, computer wise. And she cooks for me when I come home. I consider it an even trade.

    ~Will

    --
    sig?
  8. Re:Apple's in the news now... by afidel · · Score: 3, Insightful

    EFS, the service that allows encryption of NTFS filesystems, under Windows 2000 uses DESX, which is an MS implementation of 3DES that provides ~128-bit protection. Enabling encryption is as simple as right-clicking the folder or file, Advanced, and clicking the checkbox that says Encrypt.

    --
    There are 4 boxes to use in the defense of liberty: soap, ballot, jury, ammo. Use in that order. Starting now.
  9. Well I don't really give a fuck if you believe me by Thaidog · · Score: 3, Insightful

    ...but just because it's open source does not mean that it's "secure". Actually... because some software is hacked and patched and exposed to massive numbers of people... it gets more focus and makes it better software. Perhaps a Mac *is* more secure because open source software is made and used by more "hackers"... but that remains to be seen. And no I don't care what you think. Thanks, have a great day. The more you hack me the more I find out.

    --

    ||| I still can't believe Parkay's not butter.

  10. Re:More good quotes... by Anonymous Coward · · Score: 5, Insightful

    Linux is like a friend's old TR7. He spent more time under the hood trying to keep it running than he did actually driving it. Mac OS X is for those who want to get to a destination, in speed and with style; instead of piddling around tinkering with the machine.

  11. Re:More good quotes... by RevAaron · · Score: 4, Insightful

    That is the way I feel too.

    I've used Linux for a longer time than most of the slashkids in here have known how to read. Like a lot of Linux users, I went through the silly zealot phase, but luckily, matured enough to make my way out of those woods.

    NeXTSTEP and then OS X, for me, was Unix without the hassle of Linux. Way too often on Linux, now and then, I spend more time dicking around with the machine- screwing around with libraries, configurations, all sorts of stuff- than I did doing "real work." That was all fine and dandy when I had an abundance of free time, prime to be wasted. Not to say that learning- especially enjoyable learning- is a waste of time, but for me, configuring, installing, and doing all sorts of other maintenance on my Linux system is about as much fun as maintaining Windows. When I want to work I want it to work. Sometimes, I may go back on the random weekend to do that 'under the hood' stuff, but I don't want to *have to* spend time under the hood just to keep it running.

    With OS X, I had the best of both worlds. I had oodles of stuff to tinker with, to my heart's content- and a lot of it is totally new to an old DOS and Linux user, a brave new world full of all sorts of fun stuff. I can go in and spend time under the hood as much as I like. But, when I haven't the time or the desire to do so, it just works.

    For those of you with so much free time as "playing around" with Linux constitutes most of what you consider as using your computer- more power to you. Learning is fun and never a waste of time. But for those of us who want the perks provided by Linux or another Unix-like OS but with a number of positive advantages that impact silly things like "productivity", we have OS X.

    --

    Working toward a usable PDA environment in the spirit of Newton OS: Dynapad
  12. Re:otool instead of ldd by realdpk · · Score: 3, Insightful

    "This is false. 'ldd' does NOT run the program you give as an argument. As a proof of that try running 'ldd' on a graphical program (like xclock). Also 'ldd' works on shared libraries too."

    On most Linux distributions run 'strace ldd /bin/ls', or on FreeBSD 'ktrace ldd /usr/bin/true'. You'll see:

    fork() = 3828
    rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
    --- SIGCHLD (Child exited) ---
    wait4(-1, [WIFEXITED(s) && WEXITSTATUS(s) == 0], WNOHANG, NULL) = 3828

    and

    97444 ldd CALL fork
    97444 ldd RET fork 97445/0x17ca5
    97444 ldd CALL wait4(0xffffffff,0xbfbff580,0,0)
    97444 ldd RET wait4 97445/0x17ca5

    respectively, well after the ldd binary is loaded (you can see it in the full strace/ktrace output).

    From FreeBSD's ldd:

    case 0:
        if (is_shlib == 0) {
            execl(*argv, *argv, (char *)NULL);
            warn("%s", *argv);
        } else {

    It runs the binary with a special environment variable which tells the dynamic loader to just spit out the library list. The code that does that is in /usr/src/libexec/rtld-elf/rtld.c on FreeBSD, probably somewhere like that on most Linux distributions too.

    In regards to shared libraries, it uses dlopen instead of running the library - on FreeBSD.
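
    The practical consequence of the comment above is that ldd must never be pointed at a binary you do not trust: it execs the file with LD_TRACE_LOADED_OBJECTS set and relies on the dynamic loader to cooperate, but the file chooses its own loader via PT_INTERP, so a hostile binary simply runs. The way to list dependencies without executing anything is to read the DT_NEEDED entries out of the ELF dynamic section yourself (what 'readelf -d' does). The following is an added example, not code from the page, the FreeBSD source, or any ldd implementation: a small parser for 64-bit little-endian ELF plus a constructed sample file so it runs offline. The sample ELF, the library names in it, and the 0x400000 load address are all made up for the demonstration; 32-bit, big-endian, DT_RPATH/DT_RUNPATH resolution, and section-header-only files are deliberately out of scope.

```python
"""List DT_NEEDED libraries by parsing an ELF file instead of running it.

Added example (not from the original page or from ldd). Handles only
64-bit little-endian ELF with a PT_DYNAMIC segment; use `readelf -d`
for the general case. The point is that nothing here executes the target.
"""
import struct
import sys

PT_LOAD, PT_DYNAMIC = 1, 2            # program header types
DT_NULL, DT_NEEDED, DT_STRTAB = 0, 1, 5   # dynamic section tags
EHDR_FMT = "<16sHHIQQQIHHHHHH"        # Elf64_Ehdr, 64 bytes
PHDR_FMT = "<IIQQQQQQ"                # Elf64_Phdr, 56 bytes
DYN_FMT = "<qQ"                       # Elf64_Dyn, 16 bytes


def needed_libraries(data: bytes) -> list:
    """Return the DT_NEEDED names of a 64-bit LE ELF image held in `data`."""
    if data[:4] != b"\x7fELF" or data[4] != 2 or data[5] != 1:
        raise ValueError("only 64-bit little-endian ELF is handled here")
    # e_phoff sits at 0x20, e_phentsize/e_phnum at 0x36/0x38 in Elf64_Ehdr
    (e_phoff,) = struct.unpack_from("<Q", data, 0x20)
    e_phentsize, e_phnum = struct.unpack_from("<HH", data, 0x36)

    loads, dynamic = [], None
    for i in range(e_phnum):
        p_type, _flags, p_offset, p_vaddr, _paddr, p_filesz, _memsz, _align = \
            struct.unpack_from(PHDR_FMT, data, e_phoff + i * e_phentsize)
        if p_type == PT_LOAD:
            loads.append((p_vaddr, p_offset, p_filesz))
        elif p_type == PT_DYNAMIC:
            dynamic = (p_offset, p_filesz)
    if dynamic is None:
        return []  # statically linked: nothing to report

    def vaddr_to_offset(va: int) -> int:
        # DT_STRTAB holds a virtual address; map it back through PT_LOAD
        for vaddr, offset, filesz in loads:
            if vaddr <= va < vaddr + filesz:
                return offset + (va - vaddr)
        raise ValueError("DT_STRTAB address lies outside every PT_LOAD segment")

    dyn_off, dyn_size = dynamic
    entries = []
    for off in range(dyn_off, dyn_off + dyn_size, 16):
        d_tag, d_val = struct.unpack_from(DYN_FMT, data, off)
        if d_tag == DT_NULL:
            break
        entries.append((d_tag, d_val))

    strtab_va = next((v for t, v in entries if t == DT_STRTAB), None)
    if strtab_va is None:
        raise ValueError("dynamic section has no DT_STRTAB")
    strtab_off = vaddr_to_offset(strtab_va)

    names = []
    for tag, val in entries:
        if tag == DT_NEEDED:  # val is an offset into the dynamic string table
            end = data.index(b"\0", strtab_off + val)
            names.append(data[strtab_off + val:end].decode("ascii"))
    return names


def build_sample_elf() -> bytes:
    """Constructed minimal ELF for testing: valid headers, one PT_LOAD, one
    PT_DYNAMIC, a string table, no code. Library names and the 0x400000
    base are invented for this example."""
    base = 0x400000
    strtab = b"\0libc.so.6\0libcrypto.so.3\0".ljust(32, b"\0")
    phdr_off, phdr_size, phnum = 64, 56, 2
    strtab_off = phdr_off + phdr_size * phnum
    dyn_off = strtab_off + len(strtab)
    dynamic = b"".join(struct.pack(DYN_FMT, tag, val) for tag, val in [
        (DT_STRTAB, base + strtab_off),
        (DT_NEEDED, strtab.index(b"libc.so.6")),
        (DT_NEEDED, strtab.index(b"libcrypto.so.3")),
        (DT_NULL, 0),
    ])
    total = dyn_off + len(dynamic)
    ident = b"\x7fELF\x02\x01\x01" + b"\0" * 9   # ELFCLASS64, little-endian
    ehdr = struct.pack(EHDR_FMT, ident, 2, 0x3e, 1, 0, phdr_off, 0, 0,
                       64, phdr_size, phnum, 0, 0, 0)
    load = struct.pack(PHDR_FMT, PT_LOAD, 5, 0, base, base, total, total, 0x1000)
    dyn_ph = struct.pack(PHDR_FMT, PT_DYNAMIC, 6, dyn_off, base + dyn_off,
                         base + dyn_off, len(dynamic), len(dynamic), 8)
    return ehdr + load + dyn_ph + strtab + dynamic


if __name__ == "__main__":
    # usage: python3 needed.py /path/to/binary   (the file is only read, never run)
    blob = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else build_sample_elf()
    for name in needed_libraries(blob):
        print(name)
```

    Because the file is opened read-only and never executed, this is safe to run over a quarantined sample; the trade-off is that it reports only the direct DT_NEEDED names, not the full resolved tree ldd would print after the loader had searched RPATH, RUNPATH and the default paths.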

  13. Re:More good quotes... by fafaforza · · Score: 4, Insightful

    Updating libraries, fixing missing includes, or paths, is not all that bad. You learn in the process what role libraries and includes and paths play in an environment where software development is encouraged, and some tinkering to compile an application might be required.

    The thing I did not like was how hard small things were. Changing the font in xterm. Plugging in an external display. Getting the optimal resolution/refresh rate/color scheme. Laying out your desktop and having the OS remember the layout.

    Those things are more annoying than they should be but with OSX, it takes a second to change all of the above, and more.

    There is value in knowing how a system operates underneath, but wasting endless hours reading xterm man pages and entering font strings into a config only for them to make no difference is a big waste of time.

    OSX still lets you play with the internals but also eliminates the useless functionalities.

  14. If I were a law enforcement official... by muckdog · · Score: 3, Insightful

    "If you're a bad guy and you want to frustrate law enforcement, use a Mac."

    If I were a law enforcement official and I wanted to give a bad guy a false sense of security, I would recommend a partially closed source OS that appears to be very secure. However, it could possibly have an NSA/FBI backdoor. Then at a big security convention I would say that said partially closed OS would frustrate law enforcement!