IT Security Stack Exchange
IT Security Stack Exchange

Questions tagged [macos]

macOS (formerly Mac OS X and OS X) is a series of Unix-based graphical interface operating systems developed, marketed, and sold by Apple Inc.

macOS (formerly named Mac OS X and OS X) runs exclusively on Macintosh computers and has been preloaded on all Macs since 2002.

453 questions
50
votes
4 answers

Isn't OS X's Single-User Mode a bad idea?

Recently, I had a Mac which fried its video logic board. Luckily, Apple had concluded that this was a design flaw and was fixing the affected models for free (see more here). However, I did not find this page for a while, and during that time had to…
toastrackengima
  • 621
  • 1
  • 5
  • 10
7
votes
1 answer

kadmin problem: "Client not found in Kerberos database while initializing kadmin interface"

I'm having problems setting up Single Sign On on my Mac (Snow Leopard). My program was giving the error accept_sec_context: Unspecified GSS failure. Minor code may provide more information: \ Key table entry not found (000d0000:96c73ab5) When using…
fredley
  • 1,455
  • 1
  • 16
  • 25
7
votes
4 answers

Why are Macs more secure?

People often say that Macs are more secure than say Windows. Which is why many Mac users don't have antiviruses. But why is this? Is it because of the need for a password for sudo commands, like changing system files? But then couldn't the hacker…
Facebook Sucks
  • 87
  • 1
  • 2
6
votes
0 answers

Why does DestroyFVKeyOnStandby no longer work to secure Mavericks?

I noticed that using the DestroyFVKeyOnStandby option for FileVault 2 in terminal no longer works since upgrading to Mavericks. Usually you type the following in terminal: sudo pmset -a DestroyFVKeyOnStandby 1 | sudo pmset -a hibernatemode 25 The…
user32503
  • 61
  • 2
5
votes
4 answers

Can you really change the password to a mac on reboot without knowing the old one?

I was looking for answers for a configuration issue on my laptop but then I got to reading the answers to this post. There was one that troubled me slightly (the last one by Lauri) which says how to fix the users problem of the lost password by…
Magpie
  • 153
  • 1
  • 6
4
votes
2 answers

How can I confirm I'm vulnerable to OS X "rootpipe" (CVE-2015-1130)?

I've read the disclosure post by Emil Kvarnhammar of TrueSec (Hidden backdoor API to root privileges in Apple OS X) and I'm trying to confirm whether I'm vulnerable or not. After creating an exploit.py script with the contents of Emil's exploit POC,…
Daniel Serodio
  • 767
  • 2
  • 7
  • 14
4
votes
1 answer

Xcode's git still vulnerable (CVE-2014-9390)? What's the best practice here?

In December everyone and his grandmother were talking about CVE-2014-9390 and we were all busy installing the git maintenance releases. Looking at my Xcode installment today - 41 days later - I still see a version 1.9.3 (Apple Git-50) from October…
armin
  • 141
  • 1
4
votes
0 answers

Why is non-admin user allowed to do macOS update?

On macOS Sonoma, when I use any non-admin user, I am able to do a full OS update, or to run commands like softwareupdate --install-rosetta. Why is this allowed? I researched a little and came to this documentation saying: authorising software…
Ivan
  • 141
  • 1
4
votes
5 answers

Apple ID Created With My Email Address

A little similar to this question. but rather than hack my email address someone has created an Apple ID with a gmail address that is similar to mine, but had dots '.' in it. For example if I have myemailaddress@gmail.com some one has used…
Colin Cassidy
  • 1,900
  • 11
  • 19
3
votes
2 answers

Does GateKeeper on OS X 10.8 offer any reasonable protection from exploits?

OS X 10.8 comes with GateKeeper, which basically has three settings: Allow only apps from Mac App Store Allow only apps from Mac App Store or that are signed with a valid Apple Developer certificate Allow any apps to be installed. I typically…
MDMarra
  • 325
  • 4
  • 13
3
votes
1 answer

OS X 10.6 and known unpatched vulnerabilities

Apple is not renowned for publishing clear end-of-support announcements for their products. In our network (a big university) we have strict policies and we do not allow unpatched systems. We were able to "forbid" Windows XP machines after Microsoft…
Matteo
  • 682
  • 5
  • 14
2
votes
1 answer

native mac malware opening urls across all browsers

I'm a security newbie so please excuse the solely high level symptomatic description of my problem. My friend doesn't know how he got it, but he has some form of malware on his mac which, when he opens a URL, spontaneously opens an additional URL in…
Alexandre Holden Daly
  • 121
  • 1
2
votes
2 answers

Home environment for MacOS detection tools

I was recently introduced to a variety of detection/hunting tools for MacOS. Listed below are some of the tools I am interested in learning to broaden my toolkit and better learn Mac security. Google Santa XNUmon Little Snitch OSQuery These are…
Hysii
  • 189
  • 1
  • 1
  • 5
2
votes
0 answers

On MacOS, which process is using nsurlsession to communicate over the network?

Since a few versions back (I guess it was 10.10 or 10.9) MacOS has this binary /usr/libexec/nsurlsessiond that accesses network on behalf of other processes. I believe this has to do with Apple trying to help and control network connectivity for…
Ali
  • 733
  • 1
  • 10
  • 18
1
vote
2 answers

How should I diagnose a macintosh laptop running OS X Lion 10.7.5 automatically booting at 12:00:09 sharp every night?

Using the "Console" app within OS X and viewing the "syslog" file I can see the user shutdown their laptop (it was a HALT operation) around 10:22PM. For some reason, 9 seconds after midnight (12:00:09) the machine would boot up on its own. I…
user1068636
  • 299
  • 3
  • 10
1
2