Showing posts with label mac. Show all posts

2019-03-04

snapshot unresponsive? check for shortcut changes:

3.4: web.cyb/mac/snapshot unresponsive? check for shortcut changes:
. the mac snapshot shortcut no longer works;
one reason could be Apple had the bright idea of
moving the shortcut to Shift-Command-5:
(macOS 10.14 Mojave was released on September 24, 2018)
In earlier macOS versions than Mojave,
use Shift-Command-3 or Shift-Command-4 for screenshots.

2018-02-19

Intel ME OS is Minix3 -Google wants Linux

17.11.6: news.cyb/sec/Intel Mgt Engine OS is Minix3 while Google wants Linux:
2018: summary:
. below the OS level is hypervisor,
and below hypervisor level is
the ME (mgt engine).
. it allows the maker of the pc
to do updates even when power seems off,
as long as there is internet.
. the ME uses the secure Minix OS kernel,
but also includes a web browser,
and other huge amounts of functionality
that you can't get the bugs out of,
so Google suggests replacing it with
a Linux kernel and less functionality.
. this has the potential to be a back door
with which the national security agencies
can better protect us from terrorists
and others who take advantage of privacy.

2018-01-16

call for increasing offensive cyber capability

1.3: news.cyb/sec/call for increasing offensive cyber capability:
. the military wants to focus on cyber offense;
the thing to keep in mind with offense,
is it involves placing vulnerabilities
in the hardware that is used internationally;
and that will affect the security of everyone
when those vulnerabilities get out
into the hands of cyber criminals.

apps using #Python may be vulnerable

1.2: news.cyb/sec/lang/python/undocumented methods:
Liam Tung 2017:
IOActive researcher Fernando Arnaboldi
revealed Python has "undocumented methods
and local environment variables
that can be used for OS command execution".
ref:
blackhat presentation:
Exposing Hidden Exploitable Behaviors in Programming Languages
Using Differential Fuzzing:
A differential fuzzing framework was created to detect
dangerous and unusual behaviors in
similar software implementations.
1.16: the paper:
. some Python commands are undocumented because
they are for deprecated functions;
meaning don't use the functions in new code,
but for backward compatibility we are
keeping the function in place undocumented.
. documentation can be there to warn you
that a function doesn't check its inputs,
so you shouldn't feed it data from an untrusted source.
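
One way to act on that last point, as an added example (not code from the paper or from this blog): a small static check that flags calls to functions whose documentation warns against untrusted input, even when they are imported under another name. The list of calls and the sample source are assumptions chosen for the illustration.

```python
import ast

# Assumption: a short hand-picked list of standard-library calls whose docs
# warn against untrusted input; extend it for your own code base.
RISKY_CALLS = {
    "pickle.load": "pickle docs: only unpickle data you trust",
    "pickle.loads": "pickle docs: only unpickle data you trust",
    "os.system": "command string is run by the shell",
}

def dotted_name(node):
    """Return 'a.b.c' for a Name/Attribute chain, else None."""
    parts = []
    while isinstance(node, ast.Attribute):
        parts, node = [node.attr] + parts, node.value
    return ".".join([node.id] + parts) if isinstance(node, ast.Name) else None

def audit(source):
    """Return sorted (line, resolved call name, reason) findings for source text."""
    tree = ast.parse(source)
    aliases = {}  # local name -> real dotted name, taken from import statements
    for node in ast.walk(tree):
        if isinstance(node, ast.Import):
            for a in node.names:
                aliases[a.asname or a.name] = a.name
        elif isinstance(node, ast.ImportFrom) and node.module:
            for a in node.names:
                aliases[a.asname or a.name] = f"{node.module}.{a.name}"
    findings = []
    for node in ast.walk(tree):
        name = dotted_name(node.func) if isinstance(node, ast.Call) else None
        if name is None:
            continue
        head, dot, rest = name.partition(".")
        resolved = aliases.get(head, head) + dot + rest
        shell = any(k.arg == "shell" and getattr(k.value, "value", None) is True
                    for k in node.keywords)
        if resolved in RISKY_CALLS:
            findings.append((node.lineno, resolved, RISKY_CALLS[resolved]))
        elif resolved.startswith("subprocess.") and shell:
            findings.append((node.lineno, resolved + "(shell=True)", "shell injection"))
    return sorted(findings)

# Constructed sample input, not code from any real project.
SAMPLE = '''\
import pickle as p
import subprocess
from os import system as run_cmd
def handle(blob, name):
    obj = p.loads(blob)
    run_cmd("ls " + name)
    subprocess.run("grep " + name + " log.txt", shell=True)
    return subprocess.run(["grep", "--", name, "log.txt"])
'''
```

The list-argument `subprocess.run` call on the last sample line is not flagged, because no shell parses the untrusted `name` there.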

2015-05-03

Google`Project Zero on #Apple

2.4: news.cyb/sec/Google`Project Zero on #Apple:
intego.com`mac security:
. Google's Project Zero finds flaws in software;
and gives a 90-day warning before releasing details
including proof-of-concept code .

2015-01-03

#malware for #iOS #2014

news.cyb/sec/malware for iOS:
1.3: summary:
. some might say Wirelurker is no big deal
since it requires the mac user to install
an untrusted enterprise app:
moral of the story, reap what you sow;
don't trust any apps
unless you can trust its source;
right?
. but did you know that one mistake
could rewrite your other iOS apps?
in the name of user friendliness,
iOS security could be better,
and zdziarski.com has some suggestions .

2014-11-09

#Secret Manuals Show #Spyware Sold to #police

11.5: news.cyb/sec/Secret Manuals Show Spyware Sold to police:
firstlook.org 2014/10
When Apple and Google unveiled
new encryption schemes last month,
law enforcement officials complained that
they wouldn't be able to unlock evidence
on criminals’ digital devices.
What they didn't say is that there are
already methods to bypass encryption,
thanks to off-the-shelf digital implants
readily available to the smallest national agencies
and the largest city police forces
— easy-to-use software that takes over and monitors
digital devices in real time.
First Look Media are publishing in full, for the first time,
manuals explaining the prominent commercial implant software
“Remote Control System,” manufactured by
the Italian company Hacking Team.
. they mention citizenlab.org's June 24 Police Story:
 Hacking Team’s Government Surveillance Malware

2014-10-11

#BadUSB code made public #badBIOS #android #linux #mac #Windows

news.cyb/sec/#badBIOS/#BadUSB code made public:
10.11: summary:
. in 2013 I wrote about #badBIOS malware
apparently infecting my mac and linux/pc;
 recently a demonstration of badUSB
has proven a key technology needed by badBIOS;
but the code was not revealed; because,
USB is considered to be unpatchable,
unless $billions in hardware were replaced .
. even more recently,
other researchers have released the code .
 

2014-01-30

#mac #osx #rtfm #badBIOS #NSA stuccomontana

9: news.cyb/sec/#mac #osx #rtfm #badBIOS #NSA stuccomontana:
intro:
. when NSA conceals a computer vulnerability
(one that can take possession of your computer
and make it do the bidding of the internet)
there is nothing magical about this situation
that would prevent criminal elements
from also exploiting these backdoors .
. NSA knows the cat is out of the bag;
that's why they set up the Snowden leak:
NSA knows they need to get our permission now
rather than use our computer vulnerabilities
because the criminals now know too much
about the backdoors NSA needs for surveillance .

. the following is someone claiming to show
an NSA leak documenting the #badBIOS malware
that has been plaguing Dragos Ruiu .

2013-12-31

#recycle #Apple #iMac 2008

10.9: todo.cyb/mac/recycling: [done]
. if I've found my infected overheating imac
isn't worth fixing,
I could just find how to crack it open
and reuse the drive,
and maybe also the dvd drive?
. vaguely recall the mac#mini's dvd burner
was not immediately reusable,
because I didn't have the right enclosure
(it wasn't the same interface as the harddrive).
[12.15:
. there are also rumors that mac's dvd burner
has unique firmware that needs special drivers? .]

#Apple #iMac #badBIOS #malware

12.15: summary:
. my 2008 imac seemed infected by opening pdf's,
and I suspected it was #badBIOS malware;
because, it gave my dvd player troubles:
it made the os x installer disk unreadable,
and it also seemed to be coming from firmware,
as even after I reinstalled the OS via download,
and hadn't opened any more pdf's or javascript,
I still seemed to get infected again .
. my troubles started with finding a new pdf library,
and I ended up finally replacing my sick mac
with a chromebook featuring verified boot!

2013-12-13

reusing #Apple #iMac #superdrive dvd burner?

10.24: web.cyb/dvd burner enclosure:
. for reusing the mac's burner (or just player?)
I need a dvd enclosure ...
if this doesn't work out,
my mac replacement will have a dvd;
eg, one dell compatible with qubes os
comes with a dvd writer for $35 .
. the chromebook is no place to test the new dvd:
Chromebook can't play USB CD or DVD drives .

2013-11-30

#badBIOS @dragosr vs Mac, Linux and PC

4: cyb/sec/#badBIOS/ 
30: summary:
. malware that spreads via usb devices
can infect other usb devices,
and the problem is not the os;
it is the hardware and usb standards
which expose the os to malware infection .
. Dragos Ruiu talks about a mac infection
which sounds like the one I got;
it prevented me from reinstalling the os;
and it started infecting my chromebook,
but the chrome os was able to clean it up .
. my 2005 ubuntu laptop was not so lucky .
. a laptop in my future that will likely do well
is one running the xen hypervisor,
hardened with the Qubes OS .
(see #Qubes #Xen vs Dragos Ruiu's #badBIOS).

2013-06-19

iMac Mountain Lion infected by Vmware Fusion Ubuntu

19: mis.cyb/mac.vmware/freeze with black screen:
. the usual:
I'm running vmware on a 2008 imac,
my virtual machine is running ubuntu;
I'm using firefox with noscript,
and my editor is komodo edit;
then a freeze requires a hard reset .
but this time,
I catch a keylogger or something ...
[@] mis.cyb/mac/fake log-in after crash

2012-09-26

hidden drive solved by permissions repair #mac

7.6: mis.cyb/mac.finder/
hiding the internal drive from user acct:

. my user acct's finder can't see anything on the internal drive
but on a visible external drive
there is a working link to a file on the internal drive,
so I know the files are there .
. the admin acct can see everything .
. there are no updates from Apple .
. use the disk utility app to verify and repair mac's permissions:
they are bad, but before fixing, verify disk is healthy .
web:
. others are seeing this last year,
and by 2 authors the terminal was suggested:
sudo chflags nohidden /
-- all but one mac user was not happy about that fix:
one just never came back to verify it worked;
and the other cracked jokes about
finding a fix by downloading xcode .
. I would find later that
Apple's diskUtility.permissionsFix
would fix my problem of finder hiding everything .

2012-08-30

conquering imac brightness

8.6: proj.cyb`gear/mac`shades/
combined shade&blue-blocker/test:

. make new imac glasses with orange uv shades
taped to sunglasses
-- depressing in room but just right for mac .

8.7: proj.cyb`gear/mac`shades/
string to raise nose bridge:

. add bridge to mac shades to get more ventilation
and reduce fog .

8.10: proj.cyb`gear/mac`shades:
. tape isn't holding up? get help by
tucking the lenses under the nose bridge string .

8.18: proj.cyb`gear/mac`shades/
drill holes for holding shades on shades:
. use the aluminum wire
in the smallest holes my drill will give .
. like a staple but twisted once too .

2012-06-19

beautiful photostitching in Linux

5.5: web.cyb/mac#lion/photo stitch replacement:
. the new Lion system doesn’t include Rosetta,
which means the older PowerPC-only programs
can’t run on it;
so, I'm going to be out Canon's Photo Stitch?
what are some linux replacements?
. another term for Photo Stitching is Panoramas .
[6.11:
... and if linux doesn't work out;
Canon upgraded the PhotoStitch to work with Lion
(freeware -- not just an upgrade).

 6.19: have the cd?:
. there is also a version for Windows,
but it's only an upgrade,
you'll need the cd that came with your Canon .]

[6.19: tried the linux openware:
. after installing Hugin on linux
with Ubuntu's Software Center,
the tips suggested I see the tutorial;
and, trying that out, it was truly amazing .
. someone in 2007 said you had to install Enblend too,
but that seems to be already in place now .]

2012-06-13

moving vmwares to mac's external drive

5.5: sci.cyb/vmware/
sharing vm's in Share acct not possible:

 
[6.13: summary:
. mac permissions are a big hassle!
you're supposed to have 3 user folders:
one for your restricted user's personal use,
one for admn's personal use,
and a shared folder that is accessible by everyone .
. but shared access means read-only,
and read-only affects the running of
 vm's [Virtual Machines].
. I had created a 2nd restricted user's acct,
and I thought I could use the same vm's
since they were in the Shared folder,
but when I tried to run the vm's
it said I didn't have permission,
because running the vm implies modifying its files .
. if you want user accts to share completely,
you have to store the files in an external drive .]

. using vm's from another acct doesn't work
even when it's the shared acct
with permissions set to everyone can read and write .
[... because
acl's are enforcing Owners Enabled ]
. after getting all the vm's set up,
I then undid it for the experiments,
to see if the problem was sharing when
the vm's were using suspends or snapshots
(that was one problem but there were others).
. finally redid everything back to normal
but what if I wanted to work in a new acct ?

sci.cyb/vmware/sharing vm's in usb drive is possible:
. try sharing an xp and xu from the dos-formatted drive
that likely won't have acl's attached to it?
yes, that does work;
if it's the acl's, they don't seem to matter on
one partition of my firewire drive;
I have that partition named as if it's exfat-formatted,
but disk utility says the current format is Mac Journaled;
the key difference is [owners enabled: no]
the partition used by Apple`timemachine on that same drive
has answered yes to that .

5.6: proj.cyb/vmware/vm's on external drive:

( earlier,
I'd done an experiment on vmware:
can I access a vm from a new acct?
no because it's shared with an old acct
...)
. I missed the point of the experiment!
it wasn't to share vm's between accts,
it was to see if a transfer of vm's between accts
would work at all .
. what the experiments told us was that
moving the vm to the external drive
(a drive that is not Owner Enabled)
makes the vm exist without ACL-owned complications
so then after getting a copy from the external drive,
it can be run by any acct .
. and if you do want sharing
then keep it on the external drive;
but, if you don't want sharing,
then first get the vm from the external,
and copy it to the acct's drive .
. if you're not concerned that
the acct isn't owning a vm,
then keep in mind that
if using conventional disk drives
rather than solid state devices,
and if the host OS is on the internal drive
then the vm will run more efficiently on
the external drive
since the host and guest OS's
won't be having to compete for
the location of the disk's read-write arm .

. if the bank.vm should be encrypted
it could stay on the internal drive .
[6.13: (considering Lion's encryption;
later decided to stay with just encrypting data) ]

. for timemachine to work on an external drive,
you need a 2nd drive;
. you can still benefit from timeMachine's
multiple snapshots feature,
but you have to manually copy changed parts
over to the internal drive that timemachine is backing .
[6.13:
. a 3rd possibility that I finally decided on
was to put the vm on the same external drive as timeMachine,
and then put the data on the internal drive .]

. rename the external drive as Primary .
(the reason it was named exfat
is that I had it formatted to exfat
until it was found that my xp laptop
couldn't read the drive anyway
because the drive was partitioned .
. linux on the laptop can both see partitions
and read mac format .

5.8: proj.cyb/vmware/moving to new system:
. in the new system,
all vm's are on the external drive,
and prep for this includes the usual
pulling out snapshots, and shutting them down
instead of suspending them .
. inside vmware's library all the links will be bad,
so I have to delete them all and reopen each vm,
to have it listed by the library .
[...,
. if I change the name of the drive,
the library links are again shot,
so, I'd want to make sure the drive's name is ok .]

5.6: mis.cyb/vmware/easy mistake wastes a lot of time:
. I messed up the decision of
whether to say the vm was moved or copied;
I should have said I copied it
because I need to be using both instances at once,
once I answered it wrong,
I didn't see any way to undo it,
so I had to recopy the huge thing .
may have also needed to change the name
of the enclosing folder?
(you can't change the name of the vm itself
because that makes it unusable
unless you know how to patch the internal param file).


2012-06-11

Fusion 3.1.4 works with Mac OS x Lion

5.5: web.cyb/mac#lion/fusion ok with upgrade?:
6.11: summary:
. I updated to the latest Fusion 3.1.4
before doing the upgrade to Lion,
and everything turned out great;
the usb camera works fine,
and other usb devices are used only from
the host OS (mac).
. I did not need to uninstall and reinstall Fusion .
. I already had the recommended 4gb ram .
. I did not intend on using mac as a guest OS
( if that idea appeals to you,
then you'll want the upgrade to Fusion 4.0 ).

2011-10-06

saved by backup with many snapshots

9.21: mis.cyb/fat32 sd card/corrupted:
(9.30: summary:
. only just months ago I started the policy of having
multiple backup snapshots instead of overwriting;
that turned out to be a life-saver, because,
to do overwrites safely,
you have to check every folder and file
to make sure none of them are corrupted .
)
. I tried saving html code to my sd card,
and it failed from both ko'edit and kompozer;
I thought it was a copy-protection trick ...
in fact, it's showing
everything in that folder is deleted!
log/psy now has zero items .

verifying corruption:
volume “SD2GB” ** /dev/disk2s1
** Phase 1 - Preparing FAT
** Phase 2 - Checking Directories
/PIM/2011/09 sep/0(cyb) has no clusters
/PIM/2011/09 sep/psy has no clusters
Marked 44 clusters as free
Free space in FSInfo block (141148) not correct (141192)
3306 files, 564768 KiB free (141192 clusters)

recovery by snapshot-backups:
oh, bak's are showing
those 2 folders have been empty for a while .
try a binary search:14, 17, 18 : ok?
18 14:17 is the last good;
cyb 15 9:37 (files: 15 18:48)
psy 15 18:42 (files 15 18:44)
the next is 19 18:58 -- both {psy, cyb} are missing .
cyb 19 17:50
psy 19 10:54 .
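
The binary search over dated backups described above, as an added example (not the author's procedure or tooling): it bisects time-ordered snapshot directories for the newest one in which a folder still has files. The snapshot layout, the folder name `cyb` and the helper names are assumptions, and the search is only valid if the damage is monotonic (once the folder is lost, every later snapshot has lost it too).

```python
import os
import tempfile

def folder_has_files(snapshot_dir, rel_folder):
    """A snapshot is 'good' for a folder if the folder exists there and is non-empty."""
    path = os.path.join(snapshot_dir, rel_folder)
    return os.path.isdir(path) and any(os.scandir(path))

def last_good_snapshot(snapshots, rel_folder):
    """Bisect oldest-to-newest snapshots; return (newest good one or None, probes made)."""
    lo, hi, probes = 0, len(snapshots), 0  # invariant: [0, lo) good, [hi, n) bad
    while lo < hi:
        mid = (lo + hi) // 2
        probes += 1
        if folder_has_files(snapshots[mid], rel_folder):
            lo = mid + 1   # damage happened after this snapshot
        else:
            hi = mid       # this snapshot is already damaged
    return (snapshots[lo - 1] if lo else None), probes

def build_constructed_snapshots(root, days, first_bad_day, rel_folder):
    """Constructed sample data: one directory per day, folder empty from first_bad_day on."""
    snaps = []
    for day in days:
        snap = os.path.join(root, f"2011-09-{day:02d}")
        os.makedirs(os.path.join(snap, rel_folder))
        if day < first_bad_day:
            with open(os.path.join(snap, rel_folder, "notes.txt"), "w") as fh:
                fh.write("constructed sample\n")
        snaps.append(snap)
    return snaps

def demo():
    """Twelve daily snapshots (days 10-21) with the folder emptied from day 19."""
    with tempfile.TemporaryDirectory() as root:
        snaps = build_constructed_snapshots(root, range(10, 22), 19, "cyb")
        best, probes = last_good_snapshot(snaps, "cyb")
        return os.path.basename(best), probes
```

If a folder can be emptied and later refilled, the monotonic assumption fails and each snapshot has to be checked in turn.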

finding the cause:
. what was I doing when these changes got made?:
cyb 19 17:50
psy 19 10:54
. at 9.19.10:54 I was approaching mac,
but didn't do anything deliberate until 2 min later:
"( ... 10:56, gmail:0, log, ).
. maybe I jiggled the sd card, and lost the connection,
so it was like pulling it out without
giving the OS the warning it needed
to flush the caches and close the fs .
. at 9.19.17:50
I was about to break for some dictionary work;
1750 may have been at the time I started,
since I didn't give start-stop times for a 5-min job,
tho' it might have taken 10min
"( 17:50: this is the modify date of cyb.folder
getting corrupted . [9.21: found]
18:00?: used dictionary, )
. I remember being concerned that I was on a page
that did have ad's on it, but from the various browser logs,
{mac.safari, xu#main.vm, xu#wild.vm }
there was nothing around the time 19.18:00;
did I get ad's from mac.dictionary?
there were no ad's as I cycled through dict's history
but I think I was getting wikipedia from dictionary,
and then a link opened into safari .
. anyway,
pos.cyb/fs/sd card should be backup not primary:
. I'm working mostly from a vm,
so I keep my primary in a vmware shared folder,
and then backups happen with mac.timemachine .