Login  |  Register  |  Contact

I’m With Ptacek- I Run My Mac As Admin

I'm still in New York for the FISD conference, listening to Team Cymru talk about the state of cybercrime as I wait for my turn at the podium (to talk about information-centric security and DLP). One problem with travel is keeping up with the news, so I pretty much missed the Applescript vulnerability and now have to write it up for TidBITS on the plane before Monday.

I was reading Thomas Ptacek's post on the vulnerability, and I think it's time I joined Tom and came out of the closet.

I run as admin on my Mac. All the time. And I'm not ashamed. Why? As Ptacek said, even without root/admin there's a ton of nasty things you can do on my system. In fact, you can pretty much get anything I really worry about. I even once wrote some very basic Applescript malware that ran on boot (after jailbreaking an improperly configured virtual machine). It didn't need admin to work.

There. I feel better now. Glad to get that out there.

(If you're going to criticize this, go read Tom's post and talk to him first. He's smarter than me, and not on an airplane.)

—Rich

Posted at Thursday 19th June 2008 11:06 pm Filed under: applegeekmiscthomas ptacek

Previous entry: I'm Not The Only Blogger Here! | | Next entry: Improving OS X Security

Comments:

If you like to leave comments, and aren't a spammer, register for the site and email us at info@securosis.com and we'll turn off moderation for your account.

By Kirk  on  06/19  at  06:30 PM

Admin or not, the exploit works the same. It can even affect guest accounts.

By Kirk  on  06/19  at  06:50 PM

And, BTW, I just read his post - he’s clueless too. It has nothing to do with AppleScript dictionaries… ARDAgent doesn’‘t have one.

Page 1 of 1 pages

Name:

Email:

Remember my personal information

Notify me of follow-up comments?

Submit the word you see below: