Security consultancy advises enterprise clients to steer clear of adopting large numbers of Macs
An article in The Register states, “Beware of Macs in enterprise” due to the findings by iSec Partners who claim large numbers of Macs are “in many ways more vulnerable than recent versions of Windows.”
The vulnerability they specifically mention is the DHX authentication scheme which is easy to compromise and apparently “trivial to force OS X server to resort back to” from the more secure Kerberos.
A proof-of-concept has been demonstrated by the group that works as such: A test Mac connected to a LAN waits to be contacted by a machine running OS X server, and then it quickly copies all its authentication credentials. It then contacts other Macs on the network and pretends to be the administrator machine and when they respond it is able to access and download data from them.
More information can be found in the article above, but a rep from iSec sums it up by saying, “If we go into an enterprise with a Mac and run this tool we will have dozens or hundreds of passwords in minutes” and also that “Macs are fine as long as you run them as little islands, but once you hook them up to each other, they become much less secure.”
While we have not seen the tool used to demonstrate the threat, the theory is sound.
Apple has done little to protect their owners in regard to this, and all it would take is exploits such as this to be released into the wild and then one careless individual to cause a total compromise of networks comprised primarily of Macs.Tags: Apple, authentication, Computer Security, DHX, exploit, iSec, Kerberos, mac, Microsoft, Network Security, OS X, OS X Server, Register, security, windows