Regarding the 'opener' malware script
Authored by: diamondsw on Nov 01, '04 10:25:06AM
# Physically secure your machine, if possible.
# Always use a screensaver/locking program when you leave your machine, even for a minute or two.
# Apply all security updates in a timely fashion.

And how are these supposed to protect your machine? Good advice for the paranoid, but these will do nothing for Opener. These only make a difference if someone else knows your password, which is required to install it. So the only real advice is:

Don't give out your password

[ Reply to This | # ]
Regarding the 'opener' malware script
Authored by: DonkeyHo-T on Nov 01, '04 10:44:30AM

There are additional problems beyond merely giving out your password.

Nothing guarantees the permissions of /Library/StartupItems, and any StartupItems placed in the folder run as root during the next startup.

As the opener script itself points out, there are numerous programs that store passwords in preference files rather than in the keychain, and some of those preference files can contain an admin password in clear text, so if a person has read access to your drive (for instance, physical access and you do not set a screen-saver password), then the person may well be able to obtain your password without "you" giving it to them.



[ Reply to This | # ]
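
An added example, not part of any poster's comment: a POSIX shell function for the check the /Library/StartupItems point above calls for, reporting anything in a startup-items directory that is group- or world-writable or not owned by the expected account. The function name, the output labels and the `root` default owner are assumptions of this example.

```shell
#!/bin/sh
# Added example: audit a startup-items directory whose contents run as root.
# audit_startup_dir DIR [OWNER]
#   prints one finding per line; returns 0 = clean, 1 = findings, 2 = DIR absent.
# OWNER defaults to root (assumed expected owner; a numeric uid also works).
audit_startup_dir() {
    dir=$1
    owner=${2:-root}
    if [ ! -d "$dir" ]; then
        echo "ABSENT $dir"
        return 2
    fi
    # First find: anything group- or world-writable can be replaced by a
    # non-root user. Symlinks are skipped; their own mode bits are not meaningful.
    # Second find: anything not owned by the expected account can be rewritten
    # by whoever does own it.
    findings=$(
        find "$dir" ! -type l \( -perm -020 -o -perm -002 \) \
            -exec printf 'WRITABLE %s\n' {} \;
        find "$dir" ! -user "$owner" -exec printf 'OWNER %s\n' {} \;
    )
    if [ -n "$findings" ]; then
        printf '%s\n' "$findings"
        return 1
    fi
    return 0
}

# Run the audit when a directory is given on the command line, e.g.
#   sh audit.sh /Library/StartupItems
if [ "$#" -gt 0 ]; then
    audit_startup_dir "$@"
fi
```

A non-zero exit status means the directory is absent or has findings, so the function can be dropped into a periodic check that alerts on any output.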
physical access
Authored by: hayne on Nov 01, '04 12:46:20PM

If someone has physical access to your machine, they can restart it with the Install CD or via "single-user" mode and thus obtain 'root' privileges without the need for any password. Thus the admonition to physically secure your machine. For machines that are publicly accessible, it is essential to set the "open firmware" password to prevent the above.

If you leave your Mac running without activating the screensaver, anyone can access your files and (for example) install hidden malware using the privileges of your user account. This is often the first step towards obtaining your password and full control of the machine.



[ Reply to This | # ]
more on physical access
Authored by: echo mirage on Nov 01, '04 01:19:02PM

The first poster should also know that all precautions, OF security modes and otherwise, go out the window if the machine's case is unlocked. A real padlock completes the 'reasonable' physical security checklist. Without a locked case, I wouldn't bother with OF mode changes, frankly.

You should keep your machine's case integrity in mind when considering counterintrusion policies unless you live alone in the woods with lethal perimeter security, and see other humans infrequently.

---
--------------------------------------------
d i l i g e n t i a . v i s . c e l e r i t a s
--------------------------------------------



[ Reply to This | # ]