Was a PowerBook hacked?  If so, how?
 
A report has surfaced from the recent ShmooCon hackers’ convention (yes, there are a number of hackers’ conventions now) that a participant’s PowerBook, running a recent version of Mac OS X, was compromised by one of the attendees.  However the report provides so little information that it’s not very useful, or even believable at this point.
 
Most people asked seem to feel that, if a hack occurred, the machine was not hacked over the Internet or a local network, but more likely through “social engineering” (for instance obtaining a password through “shoulder surfing”) or even simply a physical attack (for instance someone breaking into the participant’s hotel room).  There’s a reason the third chapter of our book is entitled “Physical Security.”
 
We should try to resist the temptation, however, to stick our head in the sand and think “oh, that couldn’t happen to us.”  It’s definitely worth trying to find out more details, just in case.
Thursday, February 9, 2006