Notes from Spain and Spanish Forum Learn REAL Spanish now!  

Go Back   Notes from Spain and Spanish Forum > The Rastro > Geek's Corner

Notices

Reply
 
Thread Tools Display Modes
Old 24th June 2008, 04:09 PM   #1
guapo
Mega Forero
 
guapo's Avatar
 
Join Date: Apr 2006
Location: London
Posts: 364
Post Apple remote desktop vulnerability

since I know we have many Mac users in the forum, if you did not see this yet a security vulnerability in the Apple Remote Desktop utility is getting a lot of attention at the moment. Some more details here.

In short to see if you are vulnerable, open a terminal session and enter the following:

osascript -e 'tell app "ARDAgent" to do shell script "whoami"'

if the answer is "root" you are vulnerable. The short explanation being that anybody who can execute that command on your machine can get super-user access.

There is a very easy solution that is not being mentioned in many places. Open the system preferences and select Sharing. In the list of services select Remote Management and then on the right instead of "Allow access for: All Users" set it to "Allow access for: Only these users" and add yourself as one of the users. You need to restart the remote desktop agent for this to take effect - fastest way to do that is reboot.

Once done you get a response like this:

$ osascript -e 'tell app "ARDAgent" to do shell script "whoami"'
23:47: execution error: ARDAgent got an error: "whoami" doesn't understand the do shell script message. (-1708)

Mac OSX security issues like this are thankfully still a relatively rare occurence but worth paying attention to when they do get discovered.

Safe surfing to you all
guapo is offline   Reply With Quote
Old 25th June 2008, 07:38 AM   #2
88keys07
Alberto
 
88keys07's Avatar
 
Join Date: Feb 2007
Location: Portland, OR
Posts: 136
Default

Hmm...I could see how that would be a big deal. Do you know if this is going to be taken care of in Snow Leopard?
88keys07 is offline   Reply With Quote
Old 25th June 2008, 08:09 AM   #3
Ben
Hero Forero
 
Ben's Avatar
 
Join Date: Mar 2006
Posts: 4,423
Default

Thanks Guapo!
Ben is offline   Reply With Quote
Old 25th June 2008, 12:44 PM   #4
ValenciaSon
Hero Forero
 
ValenciaSon's Avatar
 
Join Date: Mar 2006
Location: Silver Spring, Maryland, USA
Posts: 4,917
Default

Does anyone know if you could go from the Tiger version of OS X to Snow Leopard?
ValenciaSon is offline   Reply With Quote
Old 25th June 2008, 01:24 PM   #5
gary
Samuri Forero
 
gary's Avatar
 
Join Date: Apr 2006
Location: Yorkshire
Posts: 2,714
Default

Yes, when they release the new OS its the whole thing not patches... Back up your pics n itunes flatten the lot, install Snow Leopard (when they release it) and put your tunes back, if you have mobile me (currently called dotmac you can sync all your book marks and address books and keychained passwords up too ...
gary is offline   Reply With Quote
Old 25th June 2008, 08:35 PM   #6
guapo
Mega Forero
 
guapo's Avatar
 
Join Date: Apr 2006
Location: London
Posts: 364
Default

Snow Leopard is not likely to ship until next year, but one thing that looks likely is that it will only support Intel based Macs so if you have an older Mac you may be out of luck.
guapo is offline   Reply With Quote
Old 26th June 2008, 06:41 AM   #7
88keys07
Alberto
 
88keys07's Avatar
 
Join Date: Feb 2007
Location: Portland, OR
Posts: 136
Default

I heard Apple was going to charge for Snow Leopard. Does anyone know if thats true or not?

That would be a real shame
88keys07 is offline   Reply With Quote
Old 26th June 2008, 10:19 AM   #8
gary
Samuri Forero
 
gary's Avatar
 
Join Date: Apr 2006
Location: Yorkshire
Posts: 2,714
Default

Quote:
Originally Posted by 88keys07 View Post
I heard Apple was going to charge for Snow Leopard. Does anyone know if thats true or not?

That would be a real shame
If you buy a new machuine it will ship with Snow Leopard - If you want to upgtrade you'll have to buy it - this has always been the case - the cost is not prohibitive plus, if like us you have three or four Macs in the house, you can buy a family pack which gives up to four licences for omly twice the individual unit cost. I am sure that Snow Leopard will be the one that runs Windows apps natively... but who knows?
gary is offline   Reply With Quote
Old 26th June 2008, 03:42 PM   #9
deecree
Errant in Forolandia
 
Join Date: Mar 2006
Location: Kobol
Posts: 1,043
Default

Quote:
Originally Posted by gary View Post
I am sure that Snow Leopard will be the one that runs Windows apps natively... but who knows?
Via what means?
deecree is offline   Reply With Quote
Old 26th June 2008, 05:56 PM   #10
gary
Samuri Forero
 
gary's Avatar
 
Join Date: Apr 2006
Location: Yorkshire
Posts: 2,714
Default

Quote:
Originally Posted by deecree View Post
Via what means?
Who knows? Jobs won't tell us. But there has been an ongoing presumtion in Mac circles that this is coming...

I'm sure they could find someone to do what this lot claim to have done, or even buy them out...

Quote:

http://www.maconintel.com/news.php?article=196

Want to play Half-Life 2 under Mac OS X? How about running Microsoft Office XP, Lotus Notes, or Visio -- all without Windows? Do it, and soon, with CodeWeavers' CrossOver Mac, which will be arriving in late July or early August this year, for a retail price of $59.95. And you read right, you don't need a copy of Windows.

We reported over a year ago that CodeWeavers would be bringing their CrossOver technology to the Intel-based Mac, and happily it's almost here. Under CrossOver, supported applications run alongside OS X apps in "rootless" fashion, unlike virtualization products such as Parallels Desktop which run Windows apps in a dedicated Windows window.
gary is offline   Reply With Quote
Old 26th June 2008, 07:03 PM   #11
deecree
Errant in Forolandia
 
Join Date: Mar 2006
Location: Kobol
Posts: 1,043
Default

Quote:
Originally Posted by gary View Post
Who knows? Jobs won't tell us. But there has been an ongoing presumtion in Mac circles that this is coming...

I'm sure they could find someone to do what this lot claim to have done, or even buy them out...
Ah. But CrossOver uses WINE.

Apple can't buy out an open source project, but, should they buy CrossOver they'd have to release everything they do back into the WINE project. With the amount of money Apple has - if this were to happen it would be a tear-jerkingly happy day.

WINE does work today, and the CrossOver software makes getting it to work easier. But it's still ugly and buggy and not everything works.

The best way to run Windows software on a Mac as if it were native, is to use VMWare Fusion. But for this you need need a Windows license and 512mb Ram minimum to spare.
deecree is offline   Reply With Quote
Old 26th June 2008, 07:40 PM   #12
gary
Samuri Forero
 
gary's Avatar
 
Join Date: Apr 2006
Location: Yorkshire
Posts: 2,714
Default

Quote:
Originally Posted by deecree View Post
Ah. But CrossOver uses WINE.

Apple can't buy out an open source project, but, should they buy CrossOver they'd have to release everything they do back into the WINE project. With the amount of money Apple has - if this were to happen it would be a tear-jerkingly happy day.

WINE does work today, and the CrossOver software makes getting it to work easier. But it's still ugly and buggy and not everything works.

The best way to run Windows software on a Mac as if it were native, is to use VMWare Fusion. But for this you need need a Windows license and 512mb Ram minimum to spare.
The point is its possible... how they do it is up the them but I cant see it going any other way...
gary is offline   Reply With Quote
Old 26th June 2008, 11:01 PM   #13
ValenciaSon
Hero Forero
 
ValenciaSon's Avatar
 
Join Date: Mar 2006
Location: Silver Spring, Maryland, USA
Posts: 4,917
Default

Quote:
Originally Posted by gary View Post
The point is its possible... how they do it is up the them but I cant see it going any other way...
If the Jobster said it at WWDC, it must be true. We'll see how when it comes.
ValenciaSon is offline   Reply With Quote
Old 27th June 2008, 12:34 AM   #14
deecree
Errant in Forolandia
 
Join Date: Mar 2006
Location: Kobol
Posts: 1,043
Default

Quote:
Originally Posted by ValenciaSon View Post
If the Jobster said it at WWDC, it must be true. We'll see how when it comes.
Then I'm looking forward to my free download of WINE 2.0 paid for by you guys in your Snow Leopard upgrade.

Personally I think they'll just update Parallels to run as VMWare Fusion does. You'll have a virtual machine like before, but the Windows windows will appear as part of OSX.
deecree is offline   Reply With Quote
Old 27th June 2008, 02:31 AM   #15
ValenciaSon
Hero Forero
 
ValenciaSon's Avatar
 
Join Date: Mar 2006
Location: Silver Spring, Maryland, USA
Posts: 4,917
Default

Quote:
Originally Posted by deecree View Post
Then I'm looking forward to my free download of WINE 2.0 paid for by you guys in your Snow Leopard upgrade.

Personally I think they'll just update Parallels to run as VMWare Fusion does. You'll have a virtual machine like before, but the Windows windows will appear as part of OSX.
I can live with that. Question is, can Mr. Gates live with that?
ValenciaSon is offline   Reply With Quote
Old 27th June 2008, 03:07 AM   #16
deecree
Errant in Forolandia
 
Join Date: Mar 2006
Location: Kobol
Posts: 1,043
Default

Quote:
Originally Posted by ValenciaSon View Post
I can live with that. Question is, can Mr. Gates live with that?
Yes, because you'll have to buy and install Windows to run as an "invisible" virtual machine, the same as you do now with Parallels.
deecree is offline   Reply With Quote
Old 27th June 2008, 11:35 AM   #17
ValenciaSon
Hero Forero
 
ValenciaSon's Avatar
 
Join Date: Mar 2006
Location: Silver Spring, Maryland, USA
Posts: 4,917
Default

Quote:
Originally Posted by deecree View Post
Yes, because you'll have to buy and install Windows to run as an "invisible" virtual machine, the same as you do now with Parallels.
I thought Jobs said we won't need Windows.
ValenciaSon is offline   Reply With Quote
Old 27th June 2008, 11:56 AM   #18
gary
Samuri Forero
 
gary's Avatar
 
Join Date: Apr 2006
Location: Yorkshire
Posts: 2,714
Default

Quote:
Originally Posted by ValenciaSon View Post
I thought Jobs said we won't need Windows.
From which one might concluse that the apps will run on OSWhatever without Windows...
gary is offline   Reply With Quote
Old 27th June 2008, 07:26 PM   #19
deecree
Errant in Forolandia
 
Join Date: Mar 2006
Location: Kobol
Posts: 1,043
Default

If they will complete the gaps in Wine that would be great (You can seamlessly install many Windows apps on Macs today using it). Should they do this, or create their own windows emulator, it would be via back-engineering Windows and would probably attract a lawsuit.

So I still only expect an updated Parallels.
deecree is offline   Reply With Quote
Old 27th June 2008, 10:48 PM   #20
deecree
Errant in Forolandia
 
Join Date: Mar 2006
Location: Kobol
Posts: 1,043
Default

Quote:
Originally Posted by guapo View Post
since I know we have many Mac users in the forum, if you did not see this yet a security vulnerability in the Apple Remote Desktop utility is getting a lot of attention at the moment. Some more details here.

In short to see if you are vulnerable, open a terminal session and enter the following:
Apple Fanboi: Macs don't have vulnerabilities!! Macs aren't vulnerable, they are "security challenged"!!

deecree is offline   Reply With Quote
Reply

Bookmarks
Learn REAL Spanish now!

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT +1. The time now is 04:42 AM.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2019, vBulletin Solutions, Inc.