An Ex-NSA Hacker Who Has Organized the First-Ever Mac Security Conference (vice.com)
Motherboard's Lorenzo Franceschi-Bicchierai spoke with Patrick Wardle, the ex-NSA hacker who's organizing a security conference exclusively dedicated to Macs. Despite what Apple famously promoted in the mid-2000s, that Macs don't get "PC viruses," Mac computers do in fact have bugs, vulnerabilities, and even malware targeted at them. From the report: "People are peeking behind the curtain and realizing that the facade of Mac security is not always what it's cracked to be," Wardle told Motherboard in a phone interview. "Any company that designs software is going to have issues -- but Apple has perfected the art of a flawless public facade that masks many security issues." Wardle would know. After hacking primarily Windows computers at Fort Meade, for the last few years Wardle has been finding several issues in MacOS, so many that he considers himself a "thorn" on Apple's side. But his conference is not an exercise in shaming or finger pointing; Wardle said he hopes to educate and teach people about Mac security, especially now that so many companies are using Macs as their corporate computers.
The conference is called Objective By the Sea, a wordplay on Objective-See, the name of Wardle's suite of free Mac security products (which is itself a wordplay on Apple's main programming language called Objective-C.) It will be held in Maui, Hawaii on November 3 and 4. The conference will be free for residents of Hawaii, and for patrons of Objective-See. That's why Wardle said he can't afford to pay for all speakers to attend, but he had no trouble finding people who wanted to participate. One group that doesn't want to come to Maui, at least for now, is Apple. Wardle said he reached out to the company, essentially offering it carte blanche to talk about whatever it wanted. But the company, so far, has not responded, according to him.
...and you can basically use the same "god mode" hack as with any other "Pc".
Any other VIA C3 based PC, you mean. This hack was possible because the C3 has an embedded low power RISC core, probably for some kind of sleep state managed mode or something. With a "hidden," or possibly malformed instruction, you can wake it up and access protected memory by sending it instructions.
The ostensible analog on the Mac side is the Intel MME. Only issue with that is the MME isn't really used on the Mac platform. It's included, but the Mac platform doesn't enable any of its features (vPro management, mainly.)
My Other Computer Is A Data General Nova III.
Coming from using Linux exclusively for 15 years, I was skeptical of the Mac sitting on my desk at my new job a few years ago. It turns out Mac isn't just Unix-like, it's actual certified real UNIX (tm). It's more UNIX than Linux or FreeBSD are.
Not likely. Likely it's access to the real CPU core, not some hidden management processor.
You have to remember that the Intel Pentium was probably the last of the x86 processors to actually run x86 code. The Pentium Pro (and Pentium II, same architecture) emulated x86 - they have an x86 front end that translates x86 instructions into an undocumented RISC core that executes them. (Intel calls these instructions "micro ops.") The front end is split into several units - most of them are "simple crackers" that crack basic x86 instructions into micro ops directly, while there is a complex cracker that translates complex x86 instructions into many micro-ops. The simple crackers can emit one micro op each per clock (issuing several instructions), while the complex cracker can emit up to 2 micro-ops (a complex instruction may consist of many micro-ops).
Likewise, AMD has been doing the same since at least the K5 series, and it's not a surprise if everyone else has as well.
Via CPUs are typically highly integrated SoC type processors as well, so it wouldn't be a surprise if this functionality (which is documented in the processor user manual - isn't it fun spending months trying to reverse engineer something that was already in a document that a lookup could've saved much effort?) is used to provide emulations of common devices and operating modes.
So like a VM, it can trap certain instruction calls and emulate them in software, except instead of emulating in x86, it does it natively.