backtop


Print 52 comment(s) - last by themaster08.. on Feb 28 at 5:44 AM


Vincenzo Iozzo  (Source: Black Hat DC)
Claims he can overwrite other programs’ code in memory without leaving a trace

Vincenzo Iozzo, a student security researcher at Politchnico di Milano University in Italy, unveiled a startling new attack against Mac OS X computers that allows hackers to inject malicious code into another program’s memory space – and then vanishes as soon as the computer is switched off.

Speaking at the Black Hat DC cybersecurity conference in Washington, DC, Iozzo said his technique relies on injecting arbitrary code into a program’s executable memory while it is running, guided by the memory locations described in the actual program binary, which is stored in a file format called Mach-O. The injected code runs when the code it originally overwrote is called upon by its host.

Attacks of this kind are nothing new, however, and the secret behind Iozzo’s memory injection attack is that it runs completely from RAM, leaving no trace on the host machine’s hard drive; other techniques have generally required, at least minimally, some form of temporary storage.

The main weakness of his attack is that it relies on an unspecified means of executing arbitrary code on the computer in the first place: according to Iozzo’s presentation (PDF), an attacker must have knowledge of remote code execution “in his pocket” in order to convince his mark’s computer run a bootstrapper that initiates the attack.

While it is unclear as to whether or not Iozzo’s technique allows hackers to tamper with code running at System-level privileges – Iozzo describes the attack as limited to “userland”, or regular desktop applications – it does allow an attacker to modify a program like Safari to do something malicious like monitoring passwords and keystrokes.

Iozzo’s technique most closely resembles Firewire-port memory injection attacks that previously felled Windows, Mac OS X, and Linux: both make use of some transient medium to arbitrarily inject code into the program section of a computer’s memory, which is normally heavily protected from attack. Once the malicious code is in, an attacker can make a computer do pretty much the OS would allow the original host program to do – all without setting off security software.



Comments     Threshold


This article is over a month old, voting and posting comments is disabled

RE: This is only the start
By kelmon on 2/21/2009 11:26:49 AM , Rating: 1
Something like what happens, precisely? Someone makes a presentation? I don't want to belittle what is being discussed but there is no more threat today than there was yesterday and probably tomorrow too. As and when something hits "the wild" and can actually do damage, then we'll worry but in the meantime this remains as theoretical as all the other announcements. I find it rather sad that people actually welcome news like this.

Put another way, we don't need to plug our fingers in our ears because there is no sound to hear.

Bloody scaremongers...


RE: This is only the start
By Pirks on 2/21/09, Rating: 0
RE: This is only the start
By FaceMaster on 2/21/2009 5:05:36 PM , Rating: 5
Shame they're only virus free because they're not worth writing viruses for.

Oh, but there are viruses. And it's easier to make viruses for them than ones that work with Windows.

You are quite entertaining, but in a frustrating way. I know you'll find this bit of the post a compliment, but the simple fact is that you're too stupid to understand that you're wrong, which makes it look as if people are having long and timely debates with you when they're actually just giving you the same response time and time again because you're too stupid to answer it, much like a politician. ie,

'HAHAAHAHAHAHAHAA no viruses on MAC!'
'Not as many people use them because they're not as good'
'NO ITS COS MICROSUCKS IS A MONOPOLY'
'Huh?'
'YEAH U R ALL BRANE WASHEDDDD by BILLY GATES'
'Um, not, MACs just aren't as good. The hardware is dated.'
'NO LOOK AT THIS BENCHMARK IT CLEARLY SHOWS THAT A MAC COMPUTER HAS BETTER HARDWARE THAN A PC RELEASED 5 YEARS AGO. JUST.'
'Yeah but compare todays hardware and you'll see that PCs are better.'
'NO YOU JUST COMPARE MODERN TECHNOLOGY BECAUSE YOU CANT ADMIT THAT MACS ARE SUPERIOR TO THAT PC I SHOWED YOU'
'Um, I give in. You clearly aren't sane.'
'HAHAHAH U R RUNNING AWAY COS UR WRONG. I WIN BECOS NO ONE RESPONDS TO THIS COMMENT THEREFORE IM RIGHT!!!!!!'


RE: This is only the start
By waffle911 on 2/22/2009 12:58:57 PM , Rating: 2
I can say honestly I've run in to more PC zealots doing that than Mac zealots when both sides get into an argument like that. It really ends up as being as senseless as American bipartisan politics. "Dem vs GOP LOLOLOL". Seriously.

oh... and before anyone says something about Mac users being ignorant about their vulnerability... consider how many PC's don't run any protection software, how many people who use PC's don't know what is or is not risky behavior on the internet, and how many headaches I get from dealing with idiots who clearly have no business operating a computer. A lot of headaches I wouldn't have if half the people I help out on a regular basis would just switch to Macs and leave Windows to the people who actually understand how to use it (like me). To make computers safe, you have to make them stupidproof. Macs are as stupidproof as I've seen. The average consumer could care less about Apple's inferior hardware, the point is that it's good enough now and for the future. Considering the average new PC bought at a big box store houses 1-2 (or even 3) year old technology, I'd say Mac's aren't in any sort of trouble of being terribly outdated for the people that buy them. Given, of course, that we're talking about the Macs that people actually buy, like the iMac and the MacBook. The Mac Mini and Mac Pro are irrevocably outdated, but Apple hasn't seen enough sales in the Mini to justify updating it yet, and the Mac Pro is limited by VGA card makers' efforts to support the system, plus the fact that a lot of professionals who used to buy Mac Pros find themselves buying iMacs as a good-enough and cost-effective platform.

That said, I'm planning my i7/GTX285 gaming rig right now. But I get all my work done on a Mac, because it's basically Linux Premium, with added software support and less effort involved in day-to-day use. Plus Mac laptops, while not the most powerful for the price, are still a far cry from inferior machines, especially compared to HP/Dell/Sony/Gateway. Bring Lenovo, MSI, Acer, and Asus to the fight, then you've got something to talk about. But I still prefer the MacBook Pro.


RE: This is only the start
By FaceMaster on 2/22/2009 1:32:49 PM , Rating: 2
My rant stretched far beyond MAC fanboys. I was talking about fanboys in general- trollers who don't seem to realise that they're not being clever or persuasive, but just plain RETARDED.


RE: This is only the start
By themaster08 on 2/28/2009 5:44:46 AM , Rating: 2
quote:
can say honestly I've run in to more PC zealots doing that than Mac zealots when both sides get into an argument like that


Probably due to the fact that there are many more PC users than Mac users, but looking at percentile, abut 99% of Mac users are zealots who need to prove themselves as the inferior users, whereas about 25% of PC users probably don't even know what a Mac is, let alone argue against one.

I think all Mac zealots should take a good look at this:-

http://www.thebestpageintheuniverse.net/c.cgi?u=ma...


"What would I do? I'd shut it down and give the money back to the shareholders." -- Michael Dell, after being asked what to do with Apple Computer in 1997

Related Articles













botimage
Copyright 2014 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki