[PLUG] Hacking and Universities...

Darkhorse plug_0 at robinson-west.com
Wed Nov 17 03:53:22 UTC 2004


> > My brother had ipfw configured.  I don't know if his firewall 
> > was up when the virus hit.  Apparently it came in through
> > Safari.  He believes that the virus gets around ipfw 
> > considering that he has rules denying multicast packets
> > and his laptop does multicasting to who knows where.
> > Assuming ipfw on his iBook doesn't work because of a flaw somewhere,
> > a hardware firewall could indeed be better than the supplied
> > software one.  This virus eats data files, so his laptop is 
> > worthless unless it can be cleaned.
> 
> Well, if it isn't up, it isn't worth much now is it? Preventing such
> packets coming in, doesn't prevent you from sending them out. Perhaps
> this is a virus of the common type called "hardware failure"? These virii
> appear to accumulate on old hardware eventually rendering it completely
> useless (completely dead), no one has tracked down who originally created
> these, but it appears the manufacturers try to encourage their spread in
> order to get people to "upgrade" their computers. Apparently there is a
> special firewall called a "warranty" that stops these from spreading.

I realize a firewall isn't worth beans if it isn't up; the interesting
thing, even though there were rules to block outbound multicasts, is that
those rules didn't work.

This isn't old hardware, it's a practically brand new G4 PowerBook. 
Shame on CompUSA for not updating the patches when they upgraded 
the hard drive if that is in fact why the laptop failed.  It could be
hardware failure, that's why the laptop was taken away from my brother 
and run over to the shop.  My brother is an EE who feels he 
can fix any computer, but we weren't getting what we really needed
from Google and you don't blow $12k over a $1k laptop anyways. 

The biggest problem I see is that protecting the firmware is an
afterthought. It's useless to have a "good OS" if you don't protect
the hardware foundations it runs on.  It's arrogant to say that the
firmware in Apple iBooks doesn't get hacked, arrogant and stupid.

This iBook without some kind of firmware protection is too easily 
hacked. Linux is the only system that appears to work correctly on 
it if it can't be fixed.  We did a test with a ppc gentoo minimal
disk and found it wasn't broadcasting those strange packets that it
does when you're running MacOSX.  Schools use dangerous software like
Adobe Acrobat, PowerPoint, and MS-Word.  How are you supposed to look 
at files from these programs if these files can not only virus, but in
some cases completely destroy your computer?  If you can simulate a
computer and protect the underlying hardware, that might not be so bad.

Whoever thinks that MacOSX is more secure than Linux is full of it.

Hopefully, any flaw is a faulty part and not a design mistake on the
part of the makers of iBook.  You would think that these machines would
get tested at the store before they're sold though.

I sure hope that CompUSA can figure out what went wrong and come up with
an effective prevention method that doesn't bar connecting to networks.

I wonder what the probability is that the MacOSX install disk itself is
hacked?



