Can someone hack my mac?

Slice · 16-07-2008 9:05pm #1

I just got a facebook friend invite from someone I didn't know and accepted it. When I looked at their profile somebody else had posted that the facebook user had hacked into their computer by befriending them on facebook. Is this possible? It seems totally random to me

L1011 · 16-07-2008 9:17pm

Generally those things are made up fantasy scare stories.

Basically - no. Realistically, if there was information of great need on the machine - yes, someone could compromise it.

Get a router with a firewall in and run all security updates for the OS + other software you use. Don't run applications from suspicious websites. Should be grand.

Breezer · 16-07-2008 10:19pm

Can a Mac be hacked? Yes. It's a computer, of course it can.

Are they hacked on a regular basis? No.

Can adding someone on Facebook result in a hack? Probably not. Visiting their page, if they've uploaded some malicious code, could theoretically result in your Mac being compromised, but it's unlikely, and I reckon Facebook would notice this pretty quickly.

Also, attacks on Macs are so rare that any time an even remotely viable threat appears there's an uproar about it. Keep an eye on the Apple blogs. Apple can be slow to patch vulnerabilities though, something I've noticed.

Slice · 16-07-2008 10:49pm

Generally those things are made up fantasy scare stories.

I was a bit suspicious that this was a fantasy scare story but still; everyone loves a good scare story

SouperComputer · 17-07-2008 12:04pm

MYOB wrote: »

Generally those things are made up fantasy scare stories.

Basically - no. Realistically, if there was information of great need on the machine - yes, someone could compromise it.

Get a router with a firewall in and run all security updates for the OS + other software you use. Don't run applications from suspicious websites. Should be grand.

+.......An admin account should not be your "regular" account, if you have admin rights on the account you use on a daily basis, create an admin specific account, and demote your account to a general user.

L1011 · 18-07-2008 8:16pm

Indeed, thats always a good policy

I, however, use no antivirus, a hardware firewall, and generally run as Administrator / root / baron (BeOS) or the main user account on a Mac and I've never had a security problem - awareness is 100% of the risk really.

440Hz · 18-07-2008 8:20pm

Certainly having more than user account is a wise move. I wouldnt say that you should make a point of not working as admin though - personally I use admin all the time, because I require it, and when im in the office or pubic place i flip to another user, just in case!

Slice · 18-07-2008 9:23pm

What's the disadvantages of not always using an admin account? I've just seperated the admin account from my user account but I find no restrictive difference. The only thing it's done is ask me for my admin username and password whenever I try to install anything

Type 17 · 19-07-2008 8:56pm

Slice wrote: »

What's the disadvantages of not always using an admin account? I've just seperated the admin account from my user account but I find no restrictive difference. The only thing it's done is ask me for my admin username and password whenever I try to install anything

I'm running my main user account as an admin account, and I get asked for my password before installing anything anyway, so I'm wondering if running a non-admin account as the main one is any advantage?

Even on the Macs in my brother's office, the users can't install anything on their admin accounts because they don't know the admin password...

kevteljeur · 19-07-2008 10:03pm

SouperComputer wrote: »

+.......An admin account should not be your "regular" account, if you have admin rights on the account you use on a daily basis, create an admin specific account, and demote your account to a general user.

+1. It means that when anything needs to be installed or modified, it's very hard for it happen without your explicit approval. The application directory, for example, is owned by the admin group.

It's more explicit on the Mac, but the general concept of doing day-to-day stuff in a restricted, non-admin account is good policy on Windows too. It's a shame they don't push this more; owners generally stay in the first account they make, and it's an admin account by default (stands to reason when setting up a system). I used to use an admin account, but now I split my accounts, and only use the admin account for... Admin stuff. I even keep my work stuff in a separate account to my general user one! But that's OCD more than security.

There's more than a little FUD about how much 'web applications' can do to your system; on Windows, there is some scope for it, but these days mostly from inadvertent clicks on fake warnings.

NullZer0 · 21-07-2008 2:22pm

Slice wrote: »

I just got a facebook friend invite from someone I didn't know and accepted it. When I looked at their profile somebody else had posted that the facebook user had hacked into their computer by befriending them on facebook. Is this possible? It seems totally random to me

If you are running windows on your mac I would advise you to step away slowly ... :eek:

NullZer0 · 21-07-2008 2:23pm

kevteljeur wrote: »

+1. It means that when anything needs to be installed or modified, it's very hard for it happen without your explicit approval. The application directory, for example, is owned by the admin group.

For the average user this is very true - there are a number of ways round it that most Unix heads will be familiar with. ALL of which I'm aware of are very well documented on teh interweb

Talisman · 21-07-2008 3:51pm

There was a serious security flaw found in Apple Remote Desktop Agent on OS X 10.4 and 10.5 last month. Details from ZDnet

Can someone hack my mac?

Comments