On Oct 5, 2010, at 7:12 PM, Alex Satrapa wrote:

> On 06/10/2010, at 07:19 , Bart Silverstrim wrote:
>
>> Nothing on you in particular, I just think that sometimes companies go out
>> of their way for wacky scenarios that really shouldn't be much of a concern
>> in the first place while leaving open other more obvious routes of
>> penetration, and forgetting their biggest security weakness is their users.
>> The description you're giving is that the user will associate their Mac with
>> a common AP, the attacker then targets that machine with an OS X exploit to
>> get rooted, then implant a trojan that then attacks the wired network
>> for...known files? Spreading a worm?
>
> There's a certain nuclear plant in Iran that would like to have a word to you
> about your claim of "whacky scenarios that really shouldn't be much of a
> concern in the first place."
>
> Here's another scenario: your (small to medium enterprise) company is
> involved in a legal wrangle worth millions of dollars to the winning side.
> The other guys have obtained some malware writing toolkit, which they use to
> write a virus (or perhaps a Flash ad that exploits a vulnerability in the
> Flash Player) to look for Pages documents mentioning any of the key words for
> this case and email them to a mailinator account.
>
> The cost of writing a virus is fairly low, compared to the risk of contacting
> someone and offering them inducements to leak documents, since phone calls
> are more easily traced than anonymous email.
>
> To make the assumption that Mac OS X is immune to malware is to assume that
> your own faeces do not emit malodorous scents.

I never made such an assumption nor such a claim. Where in HELL did I make that assumption, or did you just pull it out of your ass? Christ.

You're right. Everyone should brace themselves for every possible way they could have their ultra top target business infiltrated. You want to solve your wireless problem? Remove the damn wireless network. That mitigates the risk. Use only hardwired connections, locked down to MAC address per port. Impose every hardened security measure you can on your employees. I'm sure they're going to follow them to the letter, never propping doors open or trying to browse websites you don't deem one hundred percent secured and verified.

I never said there weren't places that aren't being targeted, but it seems this list apparently has everyone at Pentagon or NASA level profiles of targets. We all know the BonTon needs the same security measures taken as Bank of America.

You wanted to know about shutting down the interface when a cable was plugged in. I think I already answered you; I DON'T THINK IT'S BUILT IN TO OS X. That answer was in the first message, which everyone immediately seemed to gloss over. I also suggested locking down access using the manager tool in OS X SERVER. Was that all ignored? I saw only people instead mocking how I couldn't POSSIBLY take this crap so seriously, despite the references to the USERS being the biggest security flaw, and instead FOCUSING on "wacky scenarios."

How was I supposed to know the OP was working for an Iranian Nuke Plant? What are the damn odds of THAT? All the businesses that get audited, have consultants come in to work for them, this guy apparently works for a nuke plant in a foreign country that just happens to be targeted in an international pissing match with a group of government sponsored hackers dicking with their electronic infrastructure. What WERE the odds of that?

Oh, wait, he never said what he's working on.
I should probably assume it's something like that, or the Pentagon, where they have need of allowing employees the freedom of connecting to remote access points but recoil in horror at the possibility of something happening as a side effect. After all, the odds are FAR greater that someone's going to break the business network by targeting the OS X operating system flaw and jumping through a dozen hoops rather than taking advantage of human nature. Schneier must be some lunatic wacko on the fringe when he talks about this stuff.

I gave an answer, which no one seems to have acknowledged and instead focused on the side commentary on security measures taken without regard to the human factor. He is saying this isn't his problem so much as the auditors and lawyers and such, meaning that in the end it's a bu...@#$^ political problem in the business and he needs a way to get them off his back.

Someone else decides to chime in with how horribly POSSIBLE these scenarios are and apparently needs the bases covered, because we know that we need to be prepared for every scenario (I should take that to the school board, since they for some reason leave our doors open and unlocked for several hours in the morning and afternoon for the kids to be dropped off and let in; there are schools scattered throughout the country where there HAS been violence, after all, so it's very possible a disgruntled parent or student could attack the school through that route...it could happen, we need to be prepared, despite it being rare as hell. Maybe we should spend more of the budget putting in bullet proof glass too, since someone could shoot through the windows. And steel-reinforced doors in case there's a shooter. More cameras remotely viewable as well. And martial arts training for the teachers and staff.)

I gave my answers, they're obviously not helpful to you. I gave a personal opinion as well when I shouldn't have, so ignore it.

I know someone will be unable to resist replying anyway, but I'm done, I promise, so everyone else can take turns getting the last word and be happy with themselves knowing that they sated that gnawing gremlin in their mind that OH MY GOD SOMEONE ON THE INTERNET IS WRONG AND I MUST BEAT HIM DOWN WITH MY CORRECT AND SUPERIOR WISDOM.

_______________________________________________
MacOSX-admin mailing list
[email protected]
http://www.omnigroup.com/mailman/listinfo/macosx-admin
