A programmer's rants » Security http://blog.andremedeiros.info Random rants about code and life. Fri, 25 Sep 2009 10:40:45 +0000 en hourly 1 http://wordpress.org/?v=3.0.1 Mac OS X – Epic Fail http://blog.andremedeiros.info/2008/06/mac-os-x-epic-fail/ http://blog.andremedeiros.info/2008/06/mac-os-x-epic-fail/#comments Thu, 19 Jun 2008 12:16:04 +0000 changelog http://blog.andremedeiros.info/?p=6 While getting up to speed with Slashdot, I found an interesting article about a security breach on Mac OS X that allows user escalation through AppleScript.

Trying it on the terminal works, but, as they say, the user needs to have physical access to the machine. So, Patrício suggested trying to access through SSH to see if it works, and it did.

Slashdot member gombah99 posted a tip on how to neutralize it non-destructively:

  1. cd /System/Library/CoreServices/RemoteManagement/
  2. sudo tar -czf ARDAgent.app.gz ARDAgent.app
  3. sudo chmod 600 ARDAgent.app.gz
  4. sudo rm -r ARDAgent.app

Here’s to you, Apple Un^H^HSecurity Team!

]]> http://blog.andremedeiros.info/2008/06/mac-os-x-epic-fail/feed/ 6 Digital 9/11… or so they say http://blog.andremedeiros.info/2008/05/digital-911-or-so-they-say/ http://blog.andremedeiros.info/2008/05/digital-911-or-so-they-say/#comments Tue, 27 May 2008 15:21:48 +0000 changelog http://blog.andremedeiros.info/?p=4 I just read the latest press release from the European Network and Information Security Agency alerting about a possible digital 9/11. All I can say is that I’m shocked on how these people are so narrow-minded.

Now, the biggest threats on this matter seem to be botnets, spam and computer viruses.

Guys, here’s a free tip: install Linux and switch to Google Apps. Works for me (TM) ;)

]]> http://blog.andremedeiros.info/2008/05/digital-911-or-so-they-say/feed/ 0