tssci security

Archive for Apple

How to pwn PWN2OWN

Day one of PWN2OWN was unsuccessful, which is no big surprise. But today, I am really hoping for something -- otherwise we'll have to wait until tomorrow for the third-party clieint-side exploits. Here's a little summary I wrote a bit back on how to [...]

My other phone is your iPhone

Here's a new 2008 security prediction for you -- The iPhone camera is an odd device. There is no notification that a picture is being taken, so the only requirement for malware is to wait for user activity and then start taking pictures. My prediction is [...]

Get more out of OS X with tcshrc

The default user environment on OS X is not exactly very productive. On my Linux and FreeBSD systems I prefer to work in a highly customized user environment that allows me to work faster and more efficiently. I have tried numerous ways of accomplishing [...]

Operating systems aren't any more secure than the idiot using it

So this week, we've had a roundup of posts on Apple's latest OS X release, Leopard, and the security "features" that went into it, where they fall short, and what's missing. Thomas Ptacek has a great post over at Matasano with even more insightful [...]

Tweaking kernel parameters using sysctl

Over the last few years I have been finding ways to tweak my FreeBSD systems for better security and performance. One of the techniques that I used most often was tweaking kernel parameters using sysctl. As you may have known from previous posts I am now [...]

Enable password for single-user mode (OS X)

Single-user mode by default is available on OS X without a password. This is not a desirable system behavior and to remedy this, all that is needed are a few simple commands. To enable a higher level of security we can set an "Open Firmware Password". On [...]

Security Tools for OS X -- DenyThumbDrives

The other day I posted about a problem regarding the default behavior under OS X, which ignores permissions for mounted firewire drives. I decided to look for a solution to this rather than relying on administrators to set the proper option. What I [...]

Insecure Permissions on Firewire Hard Disks - OS X

When you mount a firewire hard disk under OS X it will mount with the 'Ignore ownership on this volume' option set. What this means is that owner information and file permissions will be ignored. Apple does this so that you can share a disk across [...]

Security Tools for OS X -- QuickPass

I am an avid OS X user and will be posting tools and security information regarding OS X regularly. I often need to create secure passwords that are easy to remember and today I found the perfect tool for doing this. It's called QuickPass and it's a [...]
blog comments powered by Disqus