Slashdot Mirror

← Back to Stories (view on slashdot.org)

Apple's First 2005 Mac OS X Security Update Is Out

Posted by timothy on from the prosit dept.

ollie_ob writes "Security Update 2005-001 has just hit Software Update for Mac OS X users, for those running 10.3.7 and 10.2.8 in both normal and server flavours of the OS. The update includes patches for: at commands, ColorSync, libxml2, Mail, PHP, Safari and SquirrelMail. Details are here. One of these fixes -- a modification to Apple Mail so it stops broadcasting your MAC address in plain text every time you send an email - will come as a welcome relief to those trying to keep their WEP-based wireless networks secure. Other highlights are PHP 4.3.10, and a Safari fix so that pop-up windows can't mislead users as to their apparent origin. The Mac OS X Server version of the patch also includes an update to SquirrelMail that stops browsers from executing scripted content in emails viewed(!). Interesting to note Apple's new naming scheme for the updates (last year, some updates came out dated days into the future - or past.) Also, there's a unified page for all future security updates."

91 comments

  1. Re:Airoport by Anonymous Coward · · Score: 0

    No. What does your system.log say after you wake from sleep? (Open Console, located in /Applications/Utilities/, and click on system.log)

  2. Did anyone else know about this? by ravenspear · · Score: 1

    broadcasting your MAC address in plain text

    That doesn't sound like a very good idea. Has Mail always done that?

    1. Re:Did anyone else know about this? by Anonymous Coward · · Score: 0

      Yes, but who looks at Message-Id, headers?

    2. Re:Did anyone else know about this? by the+pickle · · Score: 2, Insightful

      People who want to break into weakly-secured wireless networks, duh.

      Glad I haven't been using Mail. This is the first I've heard of this problem.

      Side question: how would that accidentally happen in the first place? It's not as though someone would deliberately insert code to broadcast a MAC address into a mail client...yet it seems specific enough that simply calling it a "bug", with the arbitrary nature that implies, seems a bit odd.

      p

      --
      In Korea, long hair is for old people!
    3. Re:Did anyone else know about this? by Anonymous Coward · · Score: 0

      I could care less in regards to wireless implications as noted in the summary since I run WPA and so should anyone else using Apple Airport as opposed to WEP.

    4. Re:Did anyone else know about this? by Anonymous Coward · · Score: 0

      Not a bug a feature... to generate message Ids that are traceable back to originating machine...

    5. Re:Did anyone else know about this? by austad · · Score: 1

      If you're using WDS, you cannot use WPA.

      --
      Need Free Juniper/NetScreen Support? JuniperForum
    6. Re:Did anyone else know about this? by Piquan · · Score: 4, Informative

      It's not as though someone would deliberately insert code to broadcast a MAC address into a mail client.

      No, not specifically. Here's the scoop.

      Each email is supposed to have a unique Message-Id header. Other than logging and tracing, this is so that, when it's referenced by other emails via the In-Reply-To: and References: headers, the mail reader can properly thread the emails.

      Second, there's a common unique ID format called the UUID. This is a 128-bit value that is unique across space and time until AD 3400. If you've looked at CLSIDs in Windows RegEdit, then you've seen UUIDs. (Windows calls them GUIDs.) They're also used in a lot of RPC-type protocols, in Mozilla plugins, and other places. One common way to generate a UUID incorporates the computer's MAC address as the last 48 bits, so that no two computers will generate the same UUID (assuming the MACs were properly registered), along with the clock time.

      Since UUIDs are an easily-generated random number (lots of library routines to generate them, as well as the OS X uuidgen tool), that's what Mail used for its Message-Ids.

      Later versions of the UUID spec

    7. Re:Did anyone else know about this? by SillyWilly · · Score: 1

      Do you mean you couldn't care less?

      --
      Online & Feelin' Fine
    8. Re:Did anyone else know about this? by Guy+Harris · · Score: 4, Informative
      Not a bug a feature... to generate message Ids that are traceable back to originating machine...

      Not a feature an idea that perhaps seemed OK at the time... to generate unique message IDs based on an existing type of unique identifier that happened, in the original format defined for it, to use an IEEE 802 MAC address, presumably because those are intended to be unique to a piece of hardware, so the rest of the UUID merely has to be a value that will never be used again on a system where that MAC address is used to generate UUIDs.

      The current Internet-Draft for a URN namespace for UUIDs mentions another scheme to generate UUIDs in that format that don't use a hardware MAC address but that won't collide with UUIDs generated from MAC addresses for hardware (by turning on the bit that would be the multicast bit in an 802 MAC address).

    9. Re:Did anyone else know about this? by larkost · · Score: 2, Informative

      a) WDS is the common name used for wireless-to-wireless bridging, but it is not actually a ratified standard, it has not even been proposed. It came out of the discussions leading up to WiFi but was deliberately excluded from the standard. Therefore "WDS" can include anything the vendor wants to put under that marketing term, and there is no guarantee (or even reasonable expectation) of interoperability.

      b) Apple's implementation for example does work with WPA. Other vendors devices will have different results because WDS ? WDS if you mix vendors.

    10. Re:Did anyone else know about this? by Anonymous Coward · · Score: 0

      Relax. It's cheap sarcasm ("As if I could care less...").

    11. Re:Did anyone else know about this? by Dr.+Sigmund+Freud · · Score: 1
      This is a 128-bit value that is unique across space and time until AD 3400.
      Uh...oh... better start stocking up for that Y3.4k bug which will cause the end of civilization as we know it.

      --
      Dr. Freud

      Technology meets Transportation.

  3. Re:Airoport by rokzy · · Score: 1

    it's a documented feature that internet connection sharing needs to be reset after sleep, if that's what you mean?

  4. Installed, rebooted... by bennomatic · · Score: 2, Informative
    ...and running fine!

    And if you've got any questions about iLife '05, let me know. GarageBand's vocal effects are pretty cool, though I don't sound all that hot as a woman...

    --
    The CB App. What's your 20?
    1. Re:Installed, rebooted... by Reducer2001 · · Score: 1

      Neither did Janis Joplin.

      --
      When you get to hell -- tell 'em Itchy sent ya!
    2. Re:Installed, rebooted... by Anonymous Coward · · Score: 0

      Yeah, I've got a question about iPhoto:

      If I shoot raw or jpg and load it into iPhoto, then edit with photoshop and save as .psd, will it figure out that the .psd goes with the original raw/jpg?

      If so, then maybe iPhoto will cease to be utterly useless for me.......

    3. Re:Installed, rebooted... by klez23 · · Score: 1

      And if you've got any questions about iLife '05, let me know. GarageBand's vocal effects are pretty cool, though I don't sound all that hot as a woman...

      Did you sound better as a man?

    4. Re:Installed, rebooted... by pmhudepo · · Score: 1

      Hmmm, iLife questions seem strangely off-topic here, but hey... lossless JPEG rotation in iPhoto '05 by any chance?

  5. are you trolling or just ignorant? by rokzy · · Score: 0, Offtopic

    1. it's Mac, not MAC
    2. it's "Mac mini", not "I-Mini McIntosh"
    3. it is a real computer

    1. Re:are you trolling or just ignorant? by ravenspear · · Score: 1

      And in the first case it would be Apple, not Mac. "Mac" is unable to announce anything, as it is an inanimate object.

    2. Re:are you trolling or just ignorant? by Anonymous Coward · · Score: 0

      Actually, it *is* MAC in this case. The MAC address is the unique number of the network card (sometimes also called an ethernet address, not to be confused with an IP address), and it's on this address that wireless networks are usually protected. For example, you can easily set up a filter to allow known MAC addresses through.

      The MAC addresses will be familiar to those who have set up an AirPort network, either by clicking on the 'This Computer' button or by reading the text off the AirPort/Extreme base station. They look like 00:12:23:34:45:67

      So, if Mail is in fact generating UUIDs using uuidgen with the MAC address attached, it stands a very good chance of being unique; but on the other hand, it publically broadcasts your MAC address which could be used to hack into an AirPort base station.

      Of course, most WEP-type sniffers will be able to brute-force crack the key after a suitable amount of data has been passed through, after which the MAC will be easily visible (and spoofed) so it's probably only of concern to tinfoil hats.

    3. Re:are you trolling or just ignorant? by rokzy · · Score: 1

      > Actually, it *is* MAC in this case. The MAC address...

      you didn't read grandparent, it's about that - not the summary

    4. Re:are you trolling or just ignorant? by Anonymous Coward · · Score: 0

      "Mac" is unable to announce anything, as it is an inanimate object.

      Ha!

      Hello, I am Macintosh. It sure is great to get out of that bag!

  6. eBay slow in Safari ... fixed. by timmytee · · Score: 4, Informative

    It appears that the slowness many saw with eBay in Safari has been fixed. Previously, the fix was to turn off javascript - a pain. No more spinning beachballs here (just revving G5 fans ...)

    1. Re:eBay slow in Safari ... fixed. by Anonymous Coward · · Score: 0

      gamespy.com is still really slow to render :(

    2. Re:eBay slow in Safari ... fixed. by stebe · · Score: 0

      Safari may load the eBay site more quickly, but it is still not without errors. Neither the "find it" button next to the "What are you looking for?" field, nor the "Search" associated with the "Advanced Search" field usually works on the first load. For some reason, having Safari refresh the page multiple times "fixes" this problem. Yuck.

    3. Re:eBay slow in Safari ... fixed. by Moofie · · Score: 1

      Now I just want them to fix the Sherlock viewer for eBay. That was handy!

      --
      Why yes, I AM a rocket scientist!
  7. Re:Airoport by cvandoren · · Score: 1

    I dont have internet connection sharing enabled.
    Here is my system log:

    Jan 26 00:26:25 localhost kernel: AirPort: Link DOWN
    Jan 26 00:26:25 localhost kernel: System Sleep
    Jan 26 00:26:25 localhost kernel: System Wake
    Jan 26 00:26:25 localhost kernel: Wake event 0008
    Jan 26 00:26:25 localhost kernel: AppleNMI unmask NMI
    Jan 26 00:26:25 localhost kernel: Sound assertion "0 != err" failed in "AppleLegacyAudio/AppleTexas2Audio/AppleTexas2Audi o.cpp" at line 960 goto Exit
    Jan 26 00:26:25 localhost kernel: FWOHCI handleSelfIDInt - nodeID not valid (reset bus and retry 1)
    Jan 26 00:26:25 localhost kernel: ADB present:8c
    Jan 26 00:26:26 localhost natd[306]: failed to write packet back (Can't assign requested address)
    Jan 26 00:26:26 localhost configd[90]: posting notification com.apple.system.config.network_change
    Jan 26 05:26:26 localhost webdavd[385]: http_socket_reconnect: connect(): No route to host
    Jan 26 05:26:26 localhost webdavd[385]: /Volumes/cvandoren unmounted
    Jan 26 00:26:26 localhost mach_init[2]: Server 0 in bootstrap d03 uid 0: "/usr/sbin/lookupd": exited as a result of signal 1 [pid 278]
    Jan 26 00:26:26 localhost configd[90]: executing /System/Library/SystemConfiguration/Kicker.bundle/ Contents/Resources/set-hostname
    Jan 26 00:26:26 localhost lookupd[395]: lookupd (version 324.7) starting - Wed Jan 26 00:26:26 2005
    Jan 26 00:26:26 localhost set-hostname[400]: setting hostname to localhost
    Jan 26 00:26:26 localhost kernel: AirPort: Link UP: "VD" - MAC ADDRESS!! - chan 8
    Jan 26 00:26:26 localhost natd[306]: failed to write packet back (Can't assign requested address)
    Jan 26 00:26:31 localhost mDNSResponder[172]: mDNSResponder Waking at 219515
    Jan 26 00:26:33 localhost configd[90]: posting notification com.apple.system.config.network_change
    Jan 26 00:26:33 localhost mach_init[2]: Server 22b3 in bootstrap d03 uid 0: "/usr/sbin/lookupd": exited as a result of signal 1 [pid 395]
    Jan 26 00:26:33 localhost lookupd[402]: lookupd (version 324.7) starting - Wed Jan 26 00:26:33 2005

    --
    PowerBook G4 12" 1.33 GHz Mac OS X 10.3.7, Pentium 4 2.4 GHz Win XP Pro
  8. Awesome! A New Troll!!!! by thedbp · · Score: 4, Funny

    I was getting SOOOOOO sick of that 17MB copy taking 20min. troll. Its good to see the trolls have banded together to stay relevant and on top of the new hardware Apple is releasing. I would hereby like to congratulate all trolls for propogating and expanding upon their repetoire of meaningless and ill-educated flamebait. Truly, being a Mac user wouldn't be nearly as much fun without the raging OS envy evident in these hilarious and thoroughly entertaining posts.

    Bravo!

    1. Re:Awesome! A New Troll!!!! by ravenspear · · Score: 1

      That wasn't as bad as that one troll who posted Apple is gay shit in every single Apple story for like 2 years.

    2. Re:Awesome! A New Troll!!!! by Ohreally_factor · · Score: 3, Informative
      I always kinda liked Kottke's opening words:
      I don't want to start a holy war here, but what is the deal with you Mac fanatics?
      Anyway, the original can be found at Kottke.org, from Nov 25, 1998 (Scroll to the bottom).

      What I like about the Kottke troll is that it is so versatile. You can substitute brands and products for comedic effect. For instance:
      I don't want to start a holy war here, but what is the deal with you <b>iPod</b> fanatics? I've been sitting here at my freelance gig in front of an <b>iPod Shuffle (1 GB)</b> for about 20 minutes now while it attempts to play an <b>Ogg Vorbis</b> file. 20 minutes. At home, on my <i>iRiveriGP-100</i>, which by all standards should be a lot slower than this iPod, the same operation would take about 2 minutes. If that.
      Hilarity ensues.
      --
      It's not offtopic, dumbass. It's orthogonal.
    3. Re:Awesome! A New Troll!!!! by commodoresloat · · Score: 1

      I don't want to start a holy war here, but what is the deal with you slashdot fanatics? I've been sitting here at my freelance gig in front of slashdot.org for about 20 seconds now while it attempts to load an HTML page. 20 seconds. At home, on cnn.com, which by all standards should be a lot slower than slashdot.org, the same operation would take about 2 seconds. If that.

    4. Re:Awesome! A New Troll!!!! by Anonymous Coward · · Score: 0
      ... in front of slashdot.org for about 20 seconds now while it attempts to load an HTML page.
      Slashdot generates HTML now? When did they finally fix that buggy mess they used to produce?
  9. Nice of them to make the switchers feel at home by artifex2004 · · Score: 1

    Especially now that they have a new unified page for security updates. Just don't call them "service packs" or nobody will ever use them :)

  10. Re:PC competition for the I-Mini MAC? by the+pickle · · Score: 1

    Which itself was a troll who somehow snuck into Ask Slashdot...

    p

    --
    In Korea, long hair is for old people!
  11. Re:Airoport by Anonymous Coward · · Score: 0

    Beats the shit out of me. Does your wireless network have a password on it? Is this password entered in the AirPort pane of Network Preferences?

  12. Someone else check...not the airport? by interactive_civilian · · Score: 4, Insightful
    Ummm...I just checked this out on some messages that I sent (using AirPort).

    The ethernet address WAS broadcast in the Message-ID header. However, that was the hardware ethernet MAC address, and NOT the Airport card MAC address.

    Can anyone else confirm that this is the case? If it is, then does this have anything with keeping WEP-based wireless networks secure?

    --
    "Empathise with stupidity, and you're halfway to thinking like an idiot." - Iain M. Banks
    1. Re:Someone else check...not the airport? by ravenspear · · Score: 1

      Yep, you're right. I even had the built-in ethernet interface disabled because I never use it, but that was still the address that was broadcast.

    2. Re:Someone else check...not the airport? by geoffspear · · Score: 4, Informative
      No, it has nothing to do with keeping anything secure. They use the machine's MAC address because it was a good way to generate unique message IDs, but it has nothing at all to do with the network the message was sent over.

      They will continue to use the builtin ethernet MAC address to generate IDs, but now they're sticking some random junk on the end and putting them through a hash function first, so the receiver of your message can't get your MAC address from it.

      --
      Don't blame me; I'm never given mod points.
    3. Re:Someone else check...not the airport? by Anonymous Coward · · Score: 0

      Indeed it will only help protect networks that filter connections based upon wireless card MAC address. I suppose that if you were sniffing such a network (unencryted of course) you could easily get the hardware MAC address from an e-mail, then spoof your own wireless MAC address so that you could connect to that network.

      Not really a big wowee in my opinion.

    4. Re:Someone else check...not the airport? by ruud · · Score: 2, Insightful

      I suppose that if you were sniffing such a network (unencryted of course) you could easily get the hardware MAC address from an e-mail,

      It's a lot simpler than that. If you can already sniff the network in the first place, why go to all the trouble of getting the MAC address out of an email message-id when you can simply look at the ethernet header itself which contains the MAC address!?

      --
      bgphints - internet routing news, hints and ti
  13. Re:In that case.... by GreyWolf3000 · · Score: 1
    Note to mods: the above post was not an attempt at a first post (nor would it have been successful).

    The post is supposed to make a joke about how seemingly unnewsworthy the "first security update of the New Year" is. I guess there's not enough there to make the distinction.

    --
    Slashdot: Where people pretend to be twice as smart as they really are by behaving like children.
  14. oh, and don't forget the local root exploit by OmniVector · · Score: 5, Informative
    see for yourself: http://otierney.net/files/root-osx.c. Basically exploits an suid bug in an iSync app. you can fix this local exploit by running:
    chmod a-x /System/Library/SyncServices/SymbianConduit.bundle /Contents/Resources/mRouter

    from the console
    --
    - tristan
    1. Re:oh, and don't forget the local root exploit by fuvm · · Score: 1
      Does not appear to be fixed in this security update:
      morris@lazarus:~> ll /Library/Receipts/SecurityUpd2005-001Pan.pkg
      drwx rwxr-x 6 root admin 204 26 Jan 10:23 Contents/
      morris@lazarus:~> gcc hax.c -o hax && ./hax
      sh-2.05b# id
      uid=501(morris) euid=0(root) gid=20(staff) groups=20(staff), 1(daemon), 80(admin)
      --
      "Baka, baka, minna baka."
    2. Re:oh, and don't forget the local root exploit by nemo_felinemenace · · Score: 5, Informative

      Hi, Just wondering if there's a reason you're posting my code on slashdot with the comments stripped? (code seen here: http://www.k-otik.com/exploits/20050123.fm-iSink.c .php) Regards nemo@felinemenace.org

    3. Re:oh, and don't forget the local root exploit by OmniVector · · Score: 1

      hi nemo, i was getting a compile error due to line wrapping and couldn't get it to compile. i was stripping the comments to see if it made a difference. anyways, it's fixed now on my server. i meant no disrespect.

      --
      - tristan
    4. Re:oh, and don't forget the local root exploit by nemo_felinemenace · · Score: 1

      No problem, i figured as much
      Damn k-otik and their .c.php ;)
      Regards
      nemo

  15. Repair permissions after install by Ilgaz · · Score: 2, Informative

    I am not totally sure but I launched dist utility after installing this update, log window flooded with wrong users, permissions. Especially files updated by this install.

    Go to Applications/Utilities (Apple+U in finder window) and launch disk utility, click repair permissions.

    In fact, its a good idea to do it once in a while.

    1. Re:Repair permissions after install by AddressException · · Score: 5, Informative

      Isn't that Command-Shift-U for Utilities?

    2. Re:Repair permissions after install by willoc · · Score: 0

      you made my day!!!

  16. No, but by commodoresloat · · Score: 1

    When my G4 tower goes to sleep, there is no waking it up. At all. OSX 10.3.7. Dual 867 Mirror drive doors G4. Everything else works perfect, as far as I can tell. I know this is totally offtopic, but if anyone knows a solution, I'm all ears...

    1. Re:No, but by Anonymous Coward · · Score: 1, Informative

      Sounds like the Power Management Unit (PMU) needs to be reset. Shut the Mac down, pull the plug. Press the front panel power button to discharge any leftover current in the PS. Open door, remove the logicboard battery (it's the one that looks like a 1/2 AA). There are two versions of the MDD G4, but on the MDD I have access to, the PMU reset is located right next to the ATA cable socket from the optical drives (And is labelled clearly). -THE FOLLOWING IS IMPORTANT- Only press the PMU swith once! All Apple documentation says this. Apparently, multiple presses can crash the PMU so bad that the whole kit-and-kaboodle needs to be sent back to Apple for repair. Wait maybe 30 seconds, then replace the battery, close it back up, plug it back in, and restart. Try a sleep/wake up cycle and see what happens.

    2. Re:No, but by Anonymous Coward · · Score: 0

      Do you have a Radeon 9000 in it?

      http://docs.info.apple.com/article.html?artnum=6 16 97

    3. Re:No, but by Juanvaldes · · Score: 1

      Please please please look up apples docs on this operation. I have a MDD and I seem to recall holding it for 30 seconds to do the reset. Look up exactly what apple recommends to do, it will be worth the time investment over possibly damaging your mac.

  17. Re:Is there such a beast? by commodoresloat · · Score: 1
    When my son asks for the "cute little MAC to play halflife 2 on", what real computer can I buy instead?

    Try the Mac Mini.

  18. Re:PC competition for the I-Mini MAC? by Anonymous Coward · · Score: 0

    This is a dupe, and it hasn't been done just ONCE before. Whoever tried (30% informative?) to mod that troll up should be punished Celesto Style (TM)

  19. new mac user needs help by dj_paulgibbs · · Score: 1

    Hi,

    I'm expecting to get my first Mac (a Mac Mini) delivered this Friday or thereabouts.

    Bearing in mind these updates, how would I go about updating them once i've turned on my Mac Mini? If it's obvious - and there's a software update tool, similar to up2date on linux, or apt-get update/upgrade - please don't trouble yourselves and just say "it is obvious, you'll see it, no problems".

    Many thanks.

    1. Re:new mac user needs help by kevinbr · · Score: 1

      Under the menu Bar Apple ( Blue ) select software update. Checks and displays current updates. Once you run it once and add updates, check again, as updates are sequenced.

    2. Re:new mac user needs help by Llywelyn · · Score: 1

      "it is obvious, you'll see it, no problems" :-)

      It should come up pretty quickly and inform you what's what.

      --
      Integrate Keynote and LaTeX
    3. Re:new mac user needs help by vilms · · Score: 1, Informative

      *eyes other slashdotters warily*

      The Mac OS X Software Update prog will run (unless you specifically request it not to) once your system is up and running. You can find the controls for Software Update in your System Preferences (Apple Menu or a shortcut in the Dock).

      Enjoy...

    4. Re:new mac user needs help by fatalb7 · · Score: 1

      it is obvious, you'll see it, no problems ;)

      Go to System Prefs and launch Software Update.

      Hope you'll enjoy your new little friend.

    5. Re:new mac user needs help by dj_paulgibbs · · Score: 1

      Many thanks all.

    6. Re:new mac user needs help by unclethursday · · Score: 1
      In addition to the others who told you it should run pretty quickly after your first start up, its default preferences are to run once every week, in the background, and check for new updates. You can change this time from that to manual (only when you want), or more often or less than the default once per week.

      Welcome to the world of Macintosh... I think you'll be happy with it.

    7. Re:new mac user needs help by TheRaven64 · · Score: 4, Informative
      Others have pointed out that there is a GUI for this, which is easy to use. There is also a command-line way of doing the same thing:
      $ sudo softwareupdate -i -a
      This will install any available software updates (see man softwareupdate for more options). This has the advantage that it can be done remotely, and doesn't bug you to restart as much (it just tells you that you need to).
      --
      I am TheRaven on Soylent News
    8. Re:new mac user needs help by Anonymous Coward · · Score: 0
      I'm expecting to get my first Mac (a Mac Mini) delivered this Friday or thereabouts. Bearing in mind these updates, how would I go about updating them once i've turned on my Mac Mini? If it's obvious - and there's a software update tool, similar to up2date on linux, or apt-get update/upgrade - please don't trouble yourselves and just say "it is obvious, you'll see it, no problems".
      it is obvious, you'll see it, no problems
  20. MAC becoming the computer equivalent of SSN by wowbagger · · Score: 3, Informative

    The Media Access Controller address is becoming the computing equivalent of the US Social Security Number - (ab)used for things for which it was never intended and is inappropriate.

    First of all, a MAC address does not uniquely identify a computer - it uniquely identifies a network interface. I have several computers which have more than one Ethernet controller in them, and so they have several MAC addresses associated with them.

    Secondly, since almost ALL modern cards allow the MAC address to be changed by software, there is no guarantee that the MAC address is unique.

    These two items alone should be sufficient to convince people that using the MAC address as anything other than the physical layer address of a specific Ethernet card is a BAD IDEA.

    If you want to generate a unique identifier for a message, use something else - use /dev/random (or your OS's equivalent service) or some other method.

    --
    www.eFax.com are spammers
    1. Re:MAC becoming the computer equivalent of SSN by TheRaven64 · · Score: 0

      If it is unique to a network interface, then it is unique to a computer (since you aren't likely to have the same network interface in multiple computers). Also, most cards don't allow you to change the MAC address in software. They allow you to put the card into promiscuous more (where it will pass all received packets to the driver, instead of just those that match the MAC address). The driver can then send acknowledgements for those that match a different MAC, making it appear to the network that they have a different MAC address at the expense of CPU time (and this can be a lot of CPU time if the network is busy).

      --
      I am TheRaven on Soylent News
    2. Re:MAC becoming the computer equivalent of SSN by wowbagger · · Score: 2, Informative

      Actually, having written several Ethernet drivers for standard chipsets for use within embedded systems, I can say you are incorrect - the MAC address is a set of registers on the card which are programmed by the card driver. Usually, the driver just reads the MAC from a EEPROM attached to the chip, but there is nothing preventing the driver from assigning whatever values to the card it wishes, ignoring the EEPROM.

      So MAC is not guaranteed to be unique among computers - in fact many consumer broadband routers will allow you to set the MAC of the router's WAN port to be identical to the MAC of your PC, if your ISP does MAC filtering (and this simply points out the futility of MAC filtering).

      --
      www.eFax.com are spammers
    3. Re:MAC becoming the computer equivalent of SSN by @madeus · · Score: 1

      First of all, a MAC address does not uniquely identify a computer - it uniquely identifies a network interface. I have several computers which have more than one Ethernet controller in them, and so they have several MAC addresses associated with them.

      In this sort of instance doesn't matter one jot that they have multiple MAC addresses though (especially when it's using an internal interface, where it's not as if you can remove it and put it in another machine, nor was it used as the complete unique identifier, just as part of a longer string).

      So, that argument really has no bearing.

      These two items alone should be sufficient to convince people that using the MAC address as anything other than the physical layer address of a specific Ethernet card is a BAD IDEA.

      It's used as part of the unique identifer, which is perfectly reasonable and sensible given the level of uniqueness, it's actually common way of generating UUID's specifically because when it's been combined the date & time and a random string it's superior to a mere random string on it's own.

  21. oh dear by Anonymous Coward · · Score: 0

    thanks to those who posted useful info about MAC addresses and email headers. But I think it is very dodgy for a mail app to be doing this.

    I used to like Apple Mail but now I've gone off it, seeing as it is embedding unique identifying info into every email. Hope someone writes a patch to stop it doing that cause it sounds a lot like MS to me.

    1. Re:oh dear by Guy+Harris · · Score: 1
      I used to like Apple Mail but now I've gone off it, seeing as it is embedding unique identifying info into every email. Hope someone writes a patch to stop it doing that cause it sounds a lot like MS to me.

      Note that neither Apple Mail nor the Microsoft apps were explicitly choosing to stick the MAC address of one of the network cards into {mail messages,documents} - they were sticking UUIDs into {mail messages,documents}, and the OS's routine for generating UUIDs was using the original DCE mechanism for generating UUIDs, which involves using a value expected to uniquely identify the machine at any given time (the MAC address) and time stamp information ("putting the 'U' into 'UUID'!").

      And, yes, somebody wrote a patch to stop it doing that; the "somebody" is named "Apple Computer", and the patch can be found in something called they call "Security Update 2005-001", a/k/a "Apple's First 2005 Mac OS X Security Update", as it's called in the Slashdot article about said Security Update, as per Apple's document about that security update (search for "Component: Mail" in that article).

  22. how to secure your WEP network. by anothy · · Score: 2, Interesting
    One of these fixes... ...will come as a welcome relief to those trying to keep their WEP-based wireless networks secure.
    unless said fix has to do with fixing something broken in WPA, this is silly. WEP is insecure. record break-in times to WiFi networks "secured" using WEP is well under half an hour; stock tools can do it in several hours to a day. WPA is hardly iron-clad, but it's orders of magnitude better than the fatally flawed WEP. one should not rely on WEP for security of any kind.
    --

    i speak for myself and those who like what i say.
    1. Re:how to secure your WEP network. by Yaztromo · · Score: 4, Informative
      WEP is insecure. record break-in times to WiFi networks "secured" using WEP is well under half an hour; stock tools can do it in several hours to a day. WPA is hardly iron-clad, but it's orders of magnitude better than the fatally flawed WEP. one should not rely on WEP for security of any kind.

      That's good advice -- but not always practical.

      First off, WEP is still better than absolutely nothing. It does prevent the uneducated and unexperienced from snooping in on you -- they have to have a bit of knowledge and put in some effort to see what you're doing.

      The big problem with WPA is that not all wireless devices support it. I'm in a nasty catch-22 at the moment on my WiFi network in that I've been contracted to do some development with and against a Palm Tungsten C, which is WiFi enabled, but which has absolutely no WPA support. My base station and other portables support WPA just fine, but I'm stuck with WEP because one device manufacturer for a device I absolutely need has decided not to bother with WPA support.

      If I had extra money just laying around with nothing much to do, I'd consider buying another base station to be hooked into my network (heavily firewalled off from the rest of my network) to provide only WEP access, and switch everything else back to WPA. But unfortunately I'm stuck with what I have at the moment, and have to rely on SSH and other encrypted protocols as much as possible to ensure my networks security, as WEP alone, while better than absolutely nothing, isn't enough.

      Before I go, an open rant: Palm, take your head out of the sand and realize that we T|C users need WPA protection, just like everyone else.

      Yaz.

    2. Re:how to secure your WEP network. by anothy · · Score: 1
      First off, WEP is still better than absolutely nothing.
      only on paper. you note - correctly - that it will slow people down from getting in. but your comment about it preventing the "uneducated and unexperienced from snooping" exposes the problem: how many uneducated people are going to have tcpdump skills? honestly, i've seen off-the-shelf free products that do WEP cracking *more easialy* than i've seen them do TCP sniffing.

      in practice, of course, your next point is the most useful: not everything supports WPA. but then, personally, i don't even rely on WPA. if it's got to be secure, you really want end-to-end encryption. SSL and ssh help a lot here. i wish Inferno/Plan9's network model had been more widely adapted: simply importing another (wired) machine's entire network stack over an end-to-end encrypted channel makes all these concerns simply go away.
      --

      i speak for myself and those who like what i say.
  23. Re:Is there such a beast? by Anonymous Coward · · Score: 1, Funny

    "My question is this. What PCs are currently on the market to compete with this? When my son asks for the "cute little MAC to play halflife 2 on", what real computer can I buy instead?"

    Tell him to go ask mommy at the kitchen bar. : P

  24. What's this about SquirrelMail? by wealthychef · · Score: 1

    Does SquirrelMail come with OS X?

    --
    Currently hooked on AMP
    1. Re:What's this about SquirrelMail? by wealthychef · · Score: 1

      Oops, sorry, I see that's for OS X Server only. Dang. :-) I'll have to go download it and install it myself, and last time I tried that, I couldn't get the damn thing to work. :-)

      --
      Currently hooked on AMP
  25. SSH by Anonymous Coward · · Score: 0

    So either I got compromised within hours of installing the patch, or something is drastically wrong now with ssh.

    Any time try to ssh to my isp, they record it as an imap attempt and my Mac says that no address is associated with the node name.

    Anyonne else have something wierd happen to ssh?

  26. Re:Airoport by cvandoren · · Score: 1

    I have 64bit encryption but i dont have a password in the network preferences. Is there something i can do that completely resets the Airport Card? Thanks for your help.

    --
    PowerBook G4 12" 1.33 GHz Mac OS X 10.3.7, Pentium 4 2.4 GHz Win XP Pro
  27. Re:Is there such a beast? by Anonymous Coward · · Score: 0

    When my son asks for the "cute little MAC to play halflife 2 on", what real computer can I buy instead?

    Just do what you normally do, i.e., punch him in the back of the head as you spurt your seed deeply into his anus.

  28. Re:PC competition for the I-Mini MAC? by bmxbandit · · Score: 1

    YOU can't, because YOU clearly wouldn't recognise a REAL computer if it landed on your desk. Also I would suggest that your WIFE is in fact your FIST!

  29. Awesome! A New Troll!!!! by not_hylas(+) · · Score: 0, Offtopic

    Fucking amateurs. ;-)

    Read and learn.

    http://www.cs.uu.nl/wais/html/na-dir/net-abuse-f aq /troll-faq.html

    MEOW ?

    --
    ~hylas