MacDailyNews - Where Mac news comes first


Tool released that unlocks Windows computers in seconds without need for password
Wednesday, March 05, 2008 - 09:13 AM EST

"A security consultant based in New Zealand has released a tool that can unlock Windows computers in seconds without the need for a password," Asher Moses reports for The Sydney Morning Herald.

"Adam Boileau first demonstrated the hack, which affects Windows XP computers but has not yet been tested with Windows Vista, at a security conference in Sydney in 2006, but Microsoft has yet to develop a fix," Moses reports.

MacDailyNews Take: Give Microsoft a break; they were very busy at the time artificially plumping Intel's numbers while covering their own inefficient, bloated code deficiencies by slapping misleading Vista-capable stickers on POS PCs that were exceedingly Vista-incapable.

Moses continues, "Interviewed in ITRadio's Risky Business podcast, Boileau said the tool, released to the public today, could 'unlock locked Windows machines or login without a password ... merely by plugging in your Firewire cable and running a command.'"

"Boileau, a consultant with Immunity Inc., said he did not release the tool publicly in 2006 because 'Microsoft was a little cagey about exactly whether Firewire memory access was a real security issue or not and we didn't want to cause any real trouble,'" Moses reports. "But now that a couple of years have passed and the issue has not resolved, Boileau decided to release the tool on his website."

Full article here.


Reader Feedback:

Mar 05, 08 - 09:25 am Comment from: bias

wow, the MacDailyNews take is really insightful and completely fanboyish in nature. Can anything on this site be just news without injecting opinions or non-relevant statements?

Stick with reporting, this opinion site is getting crazy. I know Apple obviously spends a lot of Ad dollars here, but it's excessive already.

Mar 05, 08 - 09:31 am Comment from: Carefull

OSX is also vulnerable it appears...

http://www.matasano.com/log/695/windows-remote-memory-access-though-firewire/

Mar 05, 08 - 09:31 am Comment from: @bias

This isn't Fox News. Nobody here is claiming to be "fair and balanced."

Mar 05, 08 - 09:32 am Comment from: Drunk Cheney

It will probably fall on Apple's shoulders to fix this. Firewire seems to be slipping to the side for USB2. I prefer Firewire - because it's better and this won't help it stay around if left to Microsoft to fix.

Mar 05, 08 - 09:37 am Comment from: WindozeKiller

@bias:

don't take this in a mean way, but, "Cram it up your cram-hole!" (Sorry, I just think that's one of the funniest lines ever written)

We're all here for the bread and circus and, while we may not be "Apple Fanboys", we understand the sentiment and feel more than a little bit of schadenfreude when things like this happen to microsoft.

I think every one here has a little Nelson in their head saying, "HA Ha!"

Mar 05, 08 - 09:37 am Comment from: Predrag

You must be new to the MDN, bias?

MDN's most significant defining element in the sea of Mac sites out there IS their commentary. Most of us coming here are Mac fans and we always have a chuckle reading the MDN take on the news. If you haven't noticed, MDN's content is mainly aggregation of others' content (with proper attribution and links, of course). The take is about the ONLY original MDN content. Without it, I may as well go to MacMinute, Macintouch, MacNewsNetwork, TheMacObserver... not to mention the magazines MacWorld, Maclife, etc... (there are many more, just don't come to mind at the moment).

Mar 05, 08 - 09:52 am Comment from: Drunk Cheney

Well... OK- Firewire was better...
FireWire speed degraded under Mac OS X 10.5.2?

http://www.macfixit.com/article.php?story=20080304125007341

Mar 05, 08 - 09:53 am Comment from: mr_matalino

Firewire in a Dell?

Mar 05, 08 - 09:54 am Comment from: Mr. Peabody

@bias,

Where are you from? - OF COURSE This is a fanboy site! If you don't care for it then may I invite you to any one of a zillion Windows fanboy sites instead...

Really, get a clue.

Mar 05, 08 - 10:00 am Comment from: Sixvodkas

@bias,

Don't let the door hit you in the a$$ on your way out.
On second thought...

grin

Mar 05, 08 - 10:11 am Comment from: Boyarsky

Ya kno-- If Apple wants to keep the Firewire technology alive they need to continue upgrading and supporting it, and its availability.

Firewire IS the superior technology, but it's getting the second-bastard-stepchild treatment from Apple as of late.

Apple- get on top of this, fix it QUICKLY and LOUDLY. Then make it Micro$quish's problem to add the fix to Windoze.

The last thing Firewire needs is this unfixed-(possibly fatal) flaw to hurt FW adoption.

Just my 2¢
John
North Pole AK

Mar 05, 08 - 10:29 am Comment from: Ampar

Damn. The title made me think that this was a story about Ballmer making bail.

Mar 05, 08 - 10:41 am Comment from: NCIceman

Based on the article it seems everything that uses firewire is vulnerable....

Mar 05, 08 - 10:51 am Comment from: Dolita

MDN isn't getting the point.
They must've been paid by Microsoft to do this so Microsoft can promote Vista's security.

Mar 05, 08 - 11:24 am Comment from: someone

"unlock locked Windows machines or login without a password ... merely by plugging in your Firewire cable and running a command."

Sounds like they finally got that Target-Disk-Mode feature... ;D

Took 'em quite a while, didn't it?

Mar 05, 08 - 11:43 am Comment from: payshunz

I'm not sure this is really a 'fixable' problem, as, from what I've read on other tech sites, this problem is a result of the direct memory access ability built into the IEEE 1394 standard.

If it requires direct access to your computer in the first place, the computer is no longer 'yours' and you're probably screwed anyway.

Mar 05, 08 - 11:44 am Comment from: maczac

Anyone with local physical access to any machine can crack it. Mac, Windows, Linux, whatever. This is not news.

Mar 05, 08 - 11:46 am Comment from: maczac

Ampar....ROFL

Mar 05, 08 - 11:51 am Comment from: buill

when is apple going to update the mini?

Mar 05, 08 - 12:09 pm Comment from: Real IT Guy

The biggest problem is that this isn't a bug. It's a feature of Firewire that, among other things, allows speedy transfer of video data to the system for iMovie, etc.

The security risk here is that the first rule of computer security is violated:

"If you let the bad guy touch your computer, it's not your computer anymore."

Mar 05, 08 - 12:12 pm Comment from: ericdano

"Based on their first 180 days of availability, Windows Vista has been shown to have fewer vulnerabilities than Windows XP or MacOS X 10.4"

http://www.microsoft.com/windows/products/windowsvista/facts.mspx?wt_svl=10355VH_OS_Vista1&mg_id=10355VHb1#ETC

Except when you do this Firewire tool thing.......

Mar 05, 08 - 12:12 pm Comment from: LordRobin

"when is apple going to update the mini?"

Don't know and don't care. I was about to buy a mini, then I figured "If I'm gonna buy a box made with laptop components, I might as well spend a little extra and get a laptop." So I got a MacBook. Most of the time I use it like I would a mini, with an external keyboard and monitor plugged in. It works fine like that, even with the lid down. But I can yank the plugs and take it mobile. Best of both worlds.

------RM

Mar 05, 08 - 12:16 pm Comment from: iLuvMyMacs

<< "Anyone with local physical access to any machine can crack it. Mac, Windows, Linux, whatever. This is not news." >>

<< "If you let the bad guy touch your computer, it's not your computer anymore." >>


Absolutely...

This "hack" involves physical access to the target.
You can "compromise" a Mac too just by restarting with the install DVD. This is like the sleep mode "bug".

This guy's 15 minutes is up.

Mar 05, 08 - 12:21 pm Comment from: No macs for me

You guys seem to be missing the point. OSX is just as vulnerable as windows. Check out the link that Carefull put in. How can you only report half the story? Oh, that's right, you fanboys put on blinders to hide all the negative you don't want to see about beleaguered Apple.

Mar 05, 08 - 01:04 pm Comment from: @lord robin

"So I got a MacBook. Most of the time I use it like I would a mini, with an external keyboard and monitor plugged in. It works fine like that, even with the lid down. But I can yank the plugs and take it mobile. Best of both worlds."

Just double checking. You can use the MacBook with the cover closed and a keyboard and monitor plugged in? The unit does not sleep when the cover is closed?

I was looking at getting a mini and using a KV switch at work with the Dell that they make me use. This would be a nicer solution, to be sure.

en

Mar 05, 08 - 01:11 pm Comment from: Cubert

@iLuvMyMacs,
BUT, it is much faster for a hacker to use this method than wait through an install.

I wonder if this could be used remotely if someone has a wireless hub attached (no subnet masking) via Firewire?

Mar 05, 08 - 01:37 pm Comment from: bias

The funny thing about all the statements directed at me is that I am Apple everything at work and at home. iphone, macbook pro, macpro, macmini, itouch, Final Cut Studio, Logic Studio, cinema displays, new wireless keyboard, mightymouse. My kids all have ipods, my wife has a macbook air and iphone. And I sell, configure, and install NLE systems and XSAN configs.

I am an apple fan boy by definition. However, this site is ridiculously over the top with the snappy childlike "takes" that go after anything non apple. Why bother calling it macdailynews? Why not just macdailyopinion or macdailyfanboy ? I get it apple pays the ad dollars, that doesn't mean you need to interject ___into everything.

Mar 05, 08 - 01:40 pm Comment from: Afib

Can you imagine that a company would release system software that allows anyone free access to another person's PC? That's just ridiculous, that's unforgivable, that's crazy, that's embarrassing,...

...that's Apple Computer.

Careful, your thread ought to make Mac fanbois crap their skivvies while they stutter out some incoherent gibberish about OS X superiority over XP and Vista. If your Mac isn't secure from intruders who cares about elegance and productivity?

Does this mean I'll have to keep all my important files on a portable drive and lock it in a vault each night? How and when do you think Apple will fix this mess?

Mar 05, 08 - 02:11 pm Comment from: opie

Cool! There are a lot of Window apologists who read the site. Must be closet Apple envy.

Mar 05, 08 - 03:24 pm Comment from: Afib

opie:

Being a Mac user does not mean I cannot criticize Apple's gaffes and goofs. I expect more out of Apple than leaving an open door to my Mac, your Mac, or anyone else's Mac.

In fact, because both XP and OS X are susceptible to mischief then one has to conclude that there are more similarities (i.e. vulnerabilities) between both OSs than most Mac users would prefer to have. In other words, OS X loses its uniqueness as a superior OS owing to being similarly susceptible to the same security breaches as a PC with Windows or Linux.

That sucks, but fanbois are too biased and too ignorant to comprehend the magnitude of this problem.

Mar 05, 08 - 04:27 pm Comment from: @No macs for me

Go somewhere else. If you're happy with what you use, why troll here? Is it a cry for help? Do you injure small animals? Why can't you stay on your side?

Mar 05, 08 - 04:30 pm Comment from: boyweho

I have a PowerBook, and one of the first things I did was put a password on the firmware. Therefore, even if someone tries to access your hard drive in Target Disk Mode, they need your password.

http://docs.info.apple.com/article.html?artnum=106482

And from skimming the article and his webpage, it seemed to me to be pretty Windows-specific. Can someone point out the line that explicitly says Mac OS X computers are at risk? Thanks.

Mar 05, 08 - 07:05 pm Comment from: No Macs for Me

The problem is that I have to work with Macs, and worse, macfanboys everyday. The more I deal with the fanatics, the more I dislike the mac.

Mar 05, 08 - 07:25 pm Comment from: ken1w

It seems the computers most affected by this are Apple's Macs running Windows through Boot Camp. Every Mac (except the Air) has a FireWire port. A good reason NOT to run Windows.

Mar 06, 08 - 05:14 am Comment from: ping

@lord robin: Just double checking. You can use the MacBook with the cover closed and a keyboard and monitor plugged in? The unit does not sleep when the cover is closed?

Not when an external monitor and keyboard is connected. Although it's also neat to have two monitors at the same time - something the MacBook can and the mini can't.

@lord robin: I was looking at getting a mini and using a KV switch at work with the Dell that they make me use. This would be a nicer solution, to be sure.

Definitely! wink

Mar 06, 08 - 08:51 am Comment from: smyhre

@No macs for me

Umm the person has to have physical access to my machine and that isn't going to happen anytime soon I'm not that stupid. And even if they have physical access there is nothing on my machine that they would want but if they want to waste their time go right ahead be my guest. That's what backups are for smile I would still take firewire over usb for file transfer any day.
