Mac exploits and the impact on its FreeBSD core operating system

By DanLM
Ok, I've tried to ask this in a number of different forums and it seems it always gets glossed over. So, yuk a hey. I'll try it this way.

Mac OS X has had several 0 day exploits patched, and they have had someone break into them in a number of minutes to win $10,000.

I personally don't care what Mac users think about the security of their system with regards to other operating systems. If they are so stuck up that they don't think they can't be taken down, then they will fall real hard and soon.

My concern is with the operating system that I do like. Unlike die hard people, I do not hold any illusions that my favorite flavor of Unix cannot be exploited and require 0 day patches. Thus, the reason for this post.

Mac OS X has as its core operating system FreeBSD. With the exploits being found on Macs, does this in any way bring to the surface weaknesses also in FreeBSD? Or are the exploits specific to Macs?

Mac users, don't bother flaming on me. I work for a publishing company and know the value of Mac. But get over it, you are now coming to the attention of the people that break into other people's systems for fun and a living.

FreeBSD is all I care about in this post. I want to know if the unwanted attention on Macs is showing vulnerabilities in FreeBSD also. And if it is, why aren't there as many posts/blogs/articles about the BSD weaknesses?

Unlike diehard OS people, I do care to know about any vulnerabilities. I also do not want them covered up. Hiding your head in the sand does not solve the solution, which I personally think Mac is doing by the way by not addressing issues instantly and openly.


I think it would have to do with the specific flaw

by Neon Samurai In reply to Mac exploits and the impa ...

If it's a flaw through one of the FreeBSD components then you should be seeing an update including it from your repository (or BSD equivalent). If it's a flaw in one of the proprietary pieces of OS X frosting then it isn't a thing to do with BSD. BSD is still a new toy to me so I'm purely speculating.

I'd actually assumed FreeBSD related patches were being offered through the regular community channels until you asked.

Who knows?

by ScienceMikey In reply to Mac exploits and the impa ...

The problem with Apple-- and the BSD license in general-- is that Apple is under no obligation whatsoever to give anything but credit back to the communities it has taken so much from.

A good example of this is the OpenDarwin collapse (and partial resuscitation)-- it's clear that Apple wants things "open" just enough that people will be willing to contribute, but not enough that someone could actually BUILD an open-source analog to OS X. Another example is the relationship between Safari and Konqueror, which has been MUCH more a one-way street than the KDE guys would like, I'm sure.

The bottom line: who knows, for sure? The release of the patches, though, should allow the various *BSDs to back-port them, if they are applicable.

As someone said recently, "Microsoft and Apple are BOTH evil empires-- Apple is actually MORE dangerous because at least they're competent!"

Well said

by Tig2 In reply to Who knows?

"As someone said recently, "Microsoft and Apple are BOTH evil empires-- Apple is actually MORE dangerous because at least they're competent!""

It is never a good plan to put one technology on a pedestal over all others. With Mac gaining popularity, the "security through obscurity" edge that they enjoyed is rapidly diminishing.

Mac is out to make money and market share, same as any other hardware or software manufacturer.

(MacOS X != FreeBSD) and (vulnerabilities != exploits)

by apotheon In reply to Mac exploits and the impa ...

The MacOS X vulnerabilities to which you refer have at least mostly (if not entirely) been specific to the Mac-specific software that runs on top of the kernel and core utilities.

While the kernel of MacOS X is in part derived from FreeBSD, it is not the FreeBSD operating system. It is a heavily modified, but largely API/ABI compatible spin-off of the FreeBSD kernel. The core utilities are basically lifted whole from the free/libre/open source software community and deposited on top of the resultant kernel, and the result is the DarwinOS project (with the modified kernel being the Darwin kernel). Thus, while the core is a close relative of FreeBSD, it is not itself FreeBSD, and the rest of the OS layered on top of Darwin is in no way related to FreeBSD at all.

Even in the case of security vulnerabilities involving the core utilities, it's entirely possible the same vulnerabilities do not exist with FreeBSD -- because they're probably configuration vulnerabilities rather than actual poor software design vulnerabilities. Furthermore, actual software vulnerabilities that are exploitable in a default MacOS X install may not be exploitable in a default FreeBSD install, as matters such as privilege separation management in userspace are significantly different for MacOS X than FreeBSD. The increased propensity for autorunning executables in MacOS X can alone account for a number of deep vulnerabilities being exploitable on a Mac but not on a FreeBSD system in default configuration.

Finally . . . it's important to keep in mind that a discovered vulnerability is not, in and of itself, a bad thing. Discovering vulnerabilities is good, as this allows you to patch them. If it happens that some vulnerability in MacOS X is discovered that may also apply to FreeBSD, that saves the FreeBSD people from having to discover it on their own, so they can patch it. The real problem is when the "bad guys" discover a vulnerability before the "good guys" do, and thus have an opportunity to exploit it.

The lessons of security through visibility are very relevant to this.

Thanks apotheon

by DanLM In reply to (MacOS X != FreeBSD) and ...

I knew Mac had modified the kernel, and because of some limited experience here at work on OS X, I can see how various command line utilities are different in that they are GUI on OS X. And I also know that there are some fundamental differences because the command line is no longer recognized (can't do adduser comes to mind).

I just don't know enough though to tell if these exploits were specific to parts of the core that remained unchanged or not. Thus, my question.

Again, I don't expect BSD to stay uncompromised. I was just concerned because I have seen no mention anywhere with regard to these exploits and BSD. I would much rather have this in the open and being corrected immediately than I would have secure by not being mentioned.

Thanks again apotheon and everyone else that has responded. I would rather know of any issues than not know.


If I remember right,

by huoml In reply to Mac exploits and the impa ...

the recent exploit on Mac was through QuickTime/Safari combination. Nobody, in given time, was able to compromise Mac OS to get elevated privileges.


Zero is 0

by razz2 In reply to Mac exploits and the impa ...

I agree that hiding the head in the sand is always bad and really any OS is subject to these faults/holes. Code is very complex and in some cases it is the drivers written by 3rd parties at fault. Any OS manufacturer needs to be more on top of it nowadays. Many Mac users (like myself) are blind to the real weakness because of the lack of attacks. The holes are there and just not used as much because of the lack of footprint in the market. So, from a Mac fan, I agree the issue exists but, let's be clear that the $10,000 you mention was on the second day of a contest after no one was able to take control:

"After two Apple MacBook Pros survived the first day of CanSecWest's 'PWN to OWN' contest that dared hackers to take control of default Mac OS X installations, CanSecWest earlier today lowered the barriers as planned since "there has not been a successful attack.""

At that point in about 2 hours 24 min. the attack was a success by supplying a URL for the Mac to visit with Safari. Still a hole nonetheless but not as simple as just a take over.

I think my question is though

by DanLM In reply to Zero is 0

And this is not a knock at Mac, seriously.

There have been 0 day patches. Macs are more visible now, it was bound to happen. My question was and always will be: how do the patches affect the base core (unmodified) of FreeBSD? And I want any and all information above water for everyone to see and fix.

Now where I do have issue does not deal with the Mac OS itself, but with Apple's approach to the reporting of the various holes. They are not as open as I think they should be. With that said, again, this affects me as a FreeBSD user. If it is a FreeBSD hole, then I want to know about it. By Apple not being forthcoming in their information, they are affecting more than just the users of their operating system.

Does that make any sense?

This was not a Mac flame, I work with too many people that love them. And I have spent enough time working with x10 to understand their likes. But I have my own concerns because of the unmodified parts of that core os with regard to any vulnerability found. Thus, I ask and speak up.


That makes perfect sense.

by Absolutely In reply to I think my question is th ...

I certainly understand that you would like the author of your OS, or I guess in your case the co-author, to be more forthcoming about flaws. But I have to ask, with all my sarcasm intended to be genuinely sympathetic, "If Apple doesn't do what you like, what are you going to do? Switch to Windows?" With Microsoft's failure to perform, those who can afford Apples seem really unlikely to switch to the competition in significant numbers any time soon. In short, what I'm saying is that I think you're going to have to get used to at least some of the unease that has been inseparable from online computing using Microsoft platforms for the past 12 years.

oh, I don't want anyone to switch absolutely

by DanLM In reply to That makes perfect sense.

Truthfully, to everyone their pie. Eat what you like, no sweat off my brow.

But, Apple has taken another OS and modified it to meet their requirements. No problem, works for me. That's the great thing about open source. But have respect for the base product which you have modified and understand that your problems can also be someone else's problem that has nothing to do with how you treat your customers.

Ok, thinking back on this. You're right, Absolutely, there is no way they will change their business practices (Apple) with regard to how they deal with flaws that are found. How they report them, the type of information they give, and the turnaround time for the fix.

Oh well, I guess the only thing I can do is keep asking when I read of something that I think might affect the OS that I do use which the Mac is based off now. I'll just have to do more research into any flaws that are found, and try to determine if it could be a core issue.

Actually, I shouldn't restrict this to Mac. BSD also pulls in Linux binaries, which I know there have been issues with also.

ack, wasted thread. sorry

