11/04/2014

Apple OS from 10.8 can get easily hacked and rooted - how to protect (take a pc:))

"Yosemite OS X users are advised to follow the below steps in order to protect yourself from the exploitation of the Rootpipe:
  • Avoid running the system on a daily basis with an admin account. An attacker that will gain control on this account will obtain anyway limited privileges.
  • Use volume encryption Apple’s FileVault tool, which allows encryption and decryption on the fly, protecting your information always.
However, the best way to protect yourself from such security vulnerabilities is to ensure that the operating system running on your system is always up-to-date, and always be careful to the links and documents others send to you.

http://thehackernews.com/2014/11/rootpipe-critical-mac-os...  (read the article about how easy your mac - so safe they safe - can be totally hacked quite easily) 

this advice is crap because it doesn't give you any protection

First of all you will probably have installed enough users with admin credentials and given a number of games and software rights to the root. The best thing to do is to make a new account with very limited rights - no installs for the time being so that no 'admin rights' are becoming a gateway for the attacker

Secondly the encryption of your information on your harddisk is not necessarily a protection if you are 'ROOTED' because the hacker will be able to have, access or see your information from the root without any encryption. He will become a trusted user or process because he will have assigned these rights and trust to himself. Encryption is a protection when you want to transfer that information to an unknown destination or over an unknown channel. 

How bad is the possible infection and defect 

it is something that we haven't seen in Windows for years, is coming back in full force for linux and Mac is in fact a nice cover put on the motor of OPENBSD which is in fact a kind of linux 

When will it be corrected 

well, that is another matter of discussion because they will try to have it upgraded and tested before the middle of january which means another two months 

this means another two months that you will have to be extremely careful with downloads and links and all that kind of stuff

some advice that is useful 

make a folder on your D drive and install all your downloads (files, films and so on) in that folder 

use only online email and don't download anything you don't have to 

close down your firewall and give very limited rights to all the programs 

install several free antimalwares or one professional macintosh anti malware package 

scan and update your machine BEFORE you start surfing

use Firefox or Chrome as a browser and close them down with as little possibilities as necessary 

Permalink | |  Print |  Facebook | | | | Pin it! |

The comments are closed.