OS X zou ik in het kader van security overwegingen juist en zelfs nadrukkelijk willen pleiten Shell/terminal functionaliteit te willen indammen (alleen nog onder admin acc)

Zou het kunnen dat als dit meer en meer op Linux en Mac OS X geïnstalleerd wordt dat de malware dreiging van Windows naar Linux en OS X komt en drastisch verhoogd gaat worden?

Hebben aanvallers dan geen kennis van Linux en Mac OS X meer nodig en kunnen dan direct vanuit een windows omgeving andere systemen aanvallen waar MS Powershell is geïnstalleerd?

Tot die tijd lijkt mij een prima security advies het adagium : installeer het niet haal of het eraf als je het niet nodig hebt.

Zie ik dat goed, fout (alleen vereist voor beheerderstaken?) of te donkerkleurig in (geen enkele dreigingsfactor erbij)?

Door Anoniem: ...
Wordt dit na Java het eventuele nieuwe paard van Troje voor Mac OS X en Linux?

Voor Mac OS X zou ik in het kader van security overwegingen juist en zelfs nadrukkelijk willen pleiten Shell/terminal functionaliteit te willen indammen (alleen nog onder admin acc) in plaats van te willen uitbreiden met extra attack vectoren met extra 3rd party software installaties.

Zou het kunnen dat als dit meer en meer op Linux en Mac OS X geïnstalleerd wordt dat de malware dreiging van Windows naar Linux en OS X komt en drastisch verhoogd gaat worden?

Hebben aanvallers dan geen kennis van Linux en Mac OS X meer nodig en kunnen dan direct vanuit een windows omgeving andere systemen aanvallen waar MS Powershell is geïnstalleerd?

Zie ik dat goed, fout (alleen vereist voor beheerderstaken?) of te donkerkleurig in (geen enkele dreigingsfactor erbij)?
Hoe zit dat security experts?
Tot die tijd lijkt mij een prima security advies het adagium : installeer het niet haal of het eraf als je het niet nodig hebt.

Door Muria:
Ze willen graag Linux hervormen (verzwakken) zodat het meer als Windows wordt? Misschien hebben ze voor de toekomst een verwaterd Linux/Windows OS in gedachten, waar Microsoft een flinke vinger in de pap heeft. Gaat nooit lukken.

Door Anoniem:
Voor Mac OS X zou ik in het kader van security overwegingen juist en zelfs nadrukkelijk willen pleiten Shell/terminal functionaliteit te willen indammen (alleen nog onder admin acc) in plaats van te willen uitbreiden met extra attack vectoren met extra 3rd party software installaties.

Door Anoniem: Ik ga er vanuit dat je niet weet hoe SUDO werkt in de terminal van Mac (of Linux)
"sudo ls" en je list een directory als admin, vervolgens wordt ALLES wat je daarna uitvoert in die terminal als admin gedraaid. Dat wil je dus ECHT NIET. Met zulk commentaar op security items doe je voor mij niet meer mee aan de discussie, ook al heb je die zelf geïnitialiseerd :]

Door Anoniem: ... vervolgens wordt ALLES wat je daarna uitvoert in die terminal als admin gedraaid. Dat wil je dus ECHT NIET. ..

Door Anoniem 17:13:

Ik ga er vanuit dat je niet weet hoe SUDO werkt in de Terminal van Mac (of Linux)
"sudo ls" en je list een directory als admin, vervolgens wordt ALLES wat je daarna uitvoert in die Terminal als admin gedraaid. Dat wil je dus ECHT NIET. Met zulk commentaar op security items doe je voor mij niet meer mee aan de discussie, ook al heb je die zelf geïnitialiseerd :]

Door Anoniem:

Ik initieerde op nette wijze (en onder de nodige nette voorbehouden aangaande expertise) een discussie over iets wat mij interesseert waar jij dit topic op foute wijze probeert te initialiseren met stokend laakbaar gedrag.
Je was overigens niet de eerste in dit topic die dat inzette, wellicht liep je erachteraan zoals vaker het geval is op deze site.

Als iedereen op dit forum een ander zo zou gaan lopen afzeiken, een ander afzeiken op basis van het idee dat die ander over iets minder kennis van zaken heeft dan jijzelf, dan wordt het niet alleen een heel naargeestige site en kan je de huisregels wel direct weggooien, er zal in ieder geval weinig constructiefs meer aan discussies plaatsvinden.
Beter is het dan dat je zelf vertrekt met je merkwaardige redeneringen en conclusies.

Ontopic weer,
Als je het Mac security nieuws wèl netjes in de gaten had gehouden had je wèl opgemerkt dat de terminal functionaliteit steeds meer wordt aangesproken om te misbruiken.
Dit jaar al een paar voorbeelden, je krijgt er 1.

Hierzo: geen admin rechten nodig en toch de Mac onder remote controle (aanpak is al jaren in variatie bekend, maar niet bij iedereen)
https://www.security.nl/posting/480252/Onderzoeker+demonstreert+usb-aanval+met+Teensy-board
Kijk het filmpje maar.

Wat ik zo voor mij zag maar niet zag zitten dat dit in variatie ook voortaan zou gaan kunnen met powershell code op Mac's (en of Linux) geïnstalleerd. Als je het zelf niet weet, dan heb je ,… hé, een forum waar je een discussie kan beginnen.

Wanneer beginnen de scholen weer? Ga jij lekker klieren in de klas.
Kunnen wij hier een beetje normaal discussiëren.
Dà-àààààààg

Door Anoniem:
Met opgave van een extra password voor gebruik van deze Terminal.app zouden malware scripts dus niet werken omdat ze überhaupt geen toegang krijgen tot Terminal zonder eerst geaccordeerd te worden met opgave van een password.

Door Muria:
Lennart is hoewel hij nogal dwars kan zijn geen vertegenwoordiger van de dark side. Zelfs Linus (ook één persoon trouwens) heeft eigenlijk niets tegen systemd zelf.

Door Anoniem:
Ik ga er vanuit dat je niet weet hoe SUDO werkt in de terminal van Mac (of Linux)
"sudo ls" en je list een directory als admin, vervolgens wordt ALLES wat je daarna uitvoert in die terminal als admin gedraaid. Dat wil je dus ECHT NIET.

Door Muria: Fnuikend: Microsoft biedt een 'oplossing' aan om met de heterogeniteit om te gaan die ze zelf hebben gecreerd (met hun weigering hun software aan de facto standaarden aan te passen).

Door Muria:

https://en.wikipedia.org/wiki/Embrace,_extend_and_extinguish

"Embrace, extend, and extinguish",[1] also known as "Embrace, extend, and exterminate",[2] is a phrase that the U.S. Department of Justice found[3] that was used internally by Microsoft[4] to describe its strategy for entering product categories involving widely used standards, extending those standards with proprietary capabilities, and then using those differences to disadvantage its competitors.

Door U.S. Department of Justice (!)

subject, a 42 year old male~ resides alone at 2410 Green Street, in San Francisco. The subject was found inside his locked residence, hanged by his neck, by San Francisco Police Officers performing a well-being check, after friends were concerned by the subject's suicidal ideations he was "tweeting" all day on social media. According to information received by San Francisco Rescue Captain Thomas #1 and San Francisco Police Officer Thompson #1292, filling incident report #151-117-986, the following investigative report was generated. On 12/28/2015, the subject was on his profile for a social media website called "Twitter" According to friends who follow the subject on the website, throughout the day today the subject was "tweeting" suicidal ideations and cryptic messages. Friends of the subject read these "tweets" and became very concerned for the subject~s well-being. Reportedly numerous anonymous persons began to Call the San Francisco Police Department~ asking for an officer to respond to the subject~s residence for a well-being check. San Francisco Police Officer Thompson #1292 responded to the subject's home at approximately 1910 hours. Officer Thompson #1292 looked through the window of the subject's front door and saw the subject lying facedown on the stairs, unresponsive. Officer Thompson #1292 then kicked the subject's locked front door down in order to gain access into the residence. Once inside the residence, Officer Thompson #1292 noticed the subject had an electric cord from a vacuum wrapped around his neck, unresponsive. Officer Thompson #1292 untied the make shift ligature that was around the subject's neck and lied him on his back on the floor in between the front door and the stairs Officer Thompson #1292 then summoned for Emergency Services. San Francisco Fire Department Rescue Captain Thomas #1 arrived on scene. Once on scene, Rescue Captain Thomas #1 determined the subject was beyond any resuscitative efforts and death was confirmed at 1939 hours, on 12/28/2015~ This office was notified of this death at 2005 hours~ same date. Investigation at the scene revealed the subject lying supine on the floor behind the front door just in front of the. The subject was noted to be covered in a yellow emergency blanket. The subject was noted to be nude. When the officer first walked into the residence he observed a vacuum located to the left of the subject. Per Officer Thompson #1292, when he first arrived on scene he found the subject lying facedown in a prone position with his feet resting on the floor but his body lying on the stairs Officer Thompson #1292 then noticed that the subject had a makeshift ligature tied around his neck with the vacuum's electrical cord, while the vacuum was at the top of the stairs held in position by the railing of the stairs Officer Thompson #1292 then unwrapped the cord of the vacuum and moved the vacuum off the stair's railing to loosen the ligature and create slack in order to be able to move the subject from the stairs to the floor in order to perform lifesaving procedures. According to Officer Thompson #1292, no photos of the subject~s original found position were taken by the officers There were no signs of any tobacco or illicit drug use noted throughout the empty residence. Evidence of alcohol use was noted with many empty bottles of wine found in several rooms of the residence. No medications were found on scene. External examination of the cold and flaccid remains revealed a furrow about the neck of the subject. Lividity was noted to be fixed No obvious signs of external trauma or foul play were observed about the remains. subject recently broke up with his girlfriend and was being evicted from his residence at the end of this month. The subject is a known drinker and can get "out of control" from time to time, per the neighbor. The police have been called to the subject's residence before by a neighbor due to loud noises~ screaming, and reported domestic issues with his girlfriend, which have been caused by the subject's drinking The neighbor stated that to the best of his knowledge, the subject was not suicidal, had never voiced suicidal ideations nor has he had any past suicide attempts. The neighbor stated that the subject knocked on his front door at approximately 1533 hours, the same afternoon 12/28/2015, and tried to apologize to the neighbor and make amends to the neighbor for everything that has happened over the last couple of months. The neighbor thought this behavior was strange, and thought it was odd the subject was doing this today, but he did not think much of it at the time. INVESTIGATOR: ADAM HELLMAN #109 KENDALL FUDIM #115

Age: 42 Height: 5' 10" Weight: 208 Ibs.

PRELIMINARY EXAMINATION: The body is received in a white plastic pouch and is identified by an appropriately labeled Medical Examiner's tag attached to the right great toe. When first viewed, the decedent is unclad and is not accompanied by personal effects or valuables, There is a vacuum cleaner with attached cord that accompanies the body, as the ligature. The vacuum cleaner with attached cord is retained as Evidence.

The body is cold, following refrl'geration. There is moderate rigor mortis present. There is blanchable red posterior dependent lividity, except in areas exposed to pressure and red congestion of the head and neck above the level of the ligature mark described below under "Evidence of Injury." There is no evidence of decomposition, embalming, or organ donation.

EXTERNAL EXAMINATION: The body is of a well-developed, well-nourished, moderately hirsute, white man whose appearance is compatible with the recorded age of 42 years. The neck, head, face, torso and upper and lower extremities are described further under "Evidence of Injury."

The scalp hair is brown, straight, and measures up to approximately 5 inches in greatest length. Thereis an approximately li2 inch in greatest length brown moustache and beard. The eyelids are intact and unremarkable. There are rare petechial hemorrhages of the lef( upper bulbar conjunctivae. The sclerae and conjunctivae are otherwise congested, and otherwise unremarkable. The corneas are translucent. The pupils are equally dilated at approximately 5 mm in greatest diameter. The irides are brown, The mouth has natural teeth in good repair, and an atraumatic mucosa. The nose is intact, symmetrical, and unremarkable. The external ears are bilaterally symmetrical, well-formed, intact, and unremarkable.

The trachea is palpable in the midline. Cerebrospinal fluid from the cisterna magna is clear. The chest is otherwise well-developed and symmetrical. The abdomen is flat. The posterior body surfaces and anus are otherwise unremarkable. The external genitalia are those of an uncircumcised adult man, with testes bilaterally descended within the scrotum.

The bilateral upper extremities, below the level of the mid-upper arms are tanned. The upper and lower extremities are well-developed, with all digits present. The fingernails and toenails are soiled.

EVIDENCE OF MEDICAL THERAPY: There is a single electrocardiographic monitoring electrode on the anterior left side of the torso.

IDENTIFYING MARKS AND SCARS: Encircling the right arm is a tattoo which is photo-documented.

Page 1


CITY AND COUNTY OF SAN FRANCISCO Office of the Chief Medical Examiner Medical Division

Case No. 2015-1223

Name: MURDOCK, IAN Date & Time of Necropsy: December 29, 2015 0900 Hours


EVIDENCE OF INJURY:

HANGING: On the anterior and left side of the neck are parallel red linear abrasions with
intermittent areas of sparing. The individual red abrasions measure no greater than 1/16 inch in greatest width. This area of discontinuous parallel and paired red abrasions measures approximately 5 inches x 3/4 inches overall. This area of red abrasion is centered approximately 3-I/4 inches below the left external auditory meatus. The anterior portion of the red abrasions is centered over the thyroid cartilage.

The neck is dissected after the thoracoabdominal and cranial contents are removed. Internally, the superficial and deep muscles of the neck show no evidence of hemorrhages. The tongue is unremarkable. The hyoid bone and thyroid and cricoid cartilages are intact, with no adjacent soft tissue hemorrhages. The mucosae of the larynx and trachea are unremarkable with no intraluminal obstructive lesions. There are no prevertebral fascial hemorrhages or underlying cervical vertebral fractures.

BLUNT FORCE INJURIES: On tlle upper central forehead are three (3) separate scabbed
lacerations ranging from approximately 3/8 inch to 5/8 inch in greatest dimension. On the left supraclavicular fossa is an approximately I /2 inch in greatest dimension red abrasion. On the posteriorrightside ofthe neck is a punctate healing red abrasion. On theupper central chest is an approximately 1-1/2 inch in greatest dimension purple-red contusion. On the upper right side of the chest is an approximately I-1/2 inch in greatest dimension purple-red contusion. On the central abdomen are two (2) separate purple-red contusions ranging up to 1 inch in greatest dimension. On the lower left side of the abdomen is an approximately 3 inch in greatest dimension red abrasion. On the upper right side of the back is an approximately I inch in greatest dimension obliquely oriented linear red abrasion. On the upper left side of the back is an approximately 3 inch in greatest length obliquely oriented linear red abrasion. On the lower left side of the back, just above the left buttock, is an approximately 2 inch in greatest dimension purple-red contusion. On the front of the right arm is an approximately 4-I/2 inch in greatest dimension purple-red contusion. On the medial right forearm, near the right wrist, is an approximately 1/2 inch in greatest dimension purple-red contusion. On the back of the left arm is an approximately 1 inch in greatest dimension purple-red contusion. On the back of the left elbow is an approximately 2 inch in greatest dimension red contusion. On the anterior left forearm are four (4) purple-red contusions ranging up to 3/4 inch in greatest dimension. On the back of the left thumb is an approximately 1/4 inch in greatest dimension red abrasion. On the back of the left index finger is an approximately 1/2 inch in greatest dimension red abrasion. On the bilateral knees are red contusions and purple-red contusions measuring up to 5 inches in greatest dimension. On the front of the right shin is an approximately 1/2 inch in greatest dimension red abrasion. The well-developed skeleton is without evidence of palpable fractures. On dissection of the scalp, the skull is intact with no evidence of fractures.

Page 2


CITY AND COUNTY OF SAN FRANCISCO Office of the Chief Medical Examiner Medical Division

Case No. 2015-1223

Name: MURDOCK, IAN Date & Time of Necropsy: December 29, 2015 0900 Hours

These injuries and findings, havt`ng been described above, will not be repeated.

INTERNAL EXAMINATION: The subcutaneous body fat is approximately 2.5 cm in its maximum thickness at the mid-abdomen. The pleural cavities are free of abnormal collections of fluid or hemorrhage. The visceral and parietal pleurae are intact and unremarkable. The pericardia! sac is intact and unremarkable. The abdominal cavity is intact and unremarkable. The lower abdominal wall has apparent surgical mesh imbedded in the fascia with no apparent overlying scar. The thoracoabdominal organs are in their usual positions. The diaphragms are intact.

CARDIOVASCULAR SYSTEM: The heart weighs approximately 500 grams. The epicardium is smooth and intact. The cardiac contour is globoid. The coronary arteries follow their usual anatomic pathways, with no atherosclerotic stenosis or recent thrombus of the epicardial vessels. The myocardium is red-brown, without evidence of infarcts or focal lesions. The left ventricle measures approximately I .0 cm thick concentrically; and the right ventricle measures approximately 0.3 cm thl~ck concentrically. The chambers are dilated. The endocardium, chordae, and papillary muscles are unremarkable. The valves are intact and unremarkable. The foramen ovale is closed. The aorta and its major branches follow the normal pathways and are unremarkable. The vena cava and major veins are intact and unremarkable.

RESPIRATORY SYSTEM: The left lung weighs approximately 510 grams; the right lung weighs approximately 600 grams. Externally and on sectioning, the pulmonary parenchyma is without masses, consolidations, obstructions, hemorrhages, or destructive emphysema. The tracheobronchial tree shows an unremarkable mucosa with no intraluminal obstructive lesions. The pulmonary vessels show no evidence of thromboemboli.

HEPATORILIARY SYSTEM: The liver weighs approximately 2,070 grams and has an intact capsule covering a moderately firm, red-brown parenchyma, with sharp anterior borders. Cut sections of the liver show no lesions.

The gallbladder contains approximately 30 ml of yellow-brown bile with no stones.

HEMATOPOIETIC SYSTEM: The spleen weighs approximately 210 grams and has an intact capsule covering moderately firm, red-purple parenchyma which on cut sections shows unremarkable lymphoid follicles. The thymus has been replaced by adipose tissue and is unremarkable. The thoracoabdominal and cervical lymph nodes are not enlarged. The visible bone marrow is unremarkable.

ENDOCRINE SYSTEM: The pituitary gland is intact and not enlarged, and is unremarkable. The thyroid gland is bilaterally symmetrical and unremarkable in color, size, and consistency. The cortices and medullae of the adrenal glands are unremarkable.

Page 3


CITY AND COUNTY OF SAN FRANCISCO Office of the Chief Medical Examiner Medical Division

Case No. 2015-1223

Name: MURDOCK, IAN Date & Time of Necropsy: December 29, 2015 0900 Hours

Externally and on sectioning, the well-lobulated pancreas is without increased fibrosis, hemorrhage, or mineralizations.

GASTROINTESTINAL SYSTEM: The oropharynx and esophagus show unremarkable mucosae. The mucosa, wall, and serosa of the stomach are unremarkable~ The stomach contains approximately 200 ml of brown thin fluid, with no identifiable food fragments, tablets, capsules, or pill residues. The small intestine, large intestine, mesentery, and appendix are unremarkable.

GENITOURINARY SYSTEM: The left kidney weighs approximately 200 grams; the right kidney weighs approximately 190 grams. The renal capsules are intact and strip with ease from the underlying smooth, dark-red cortices. The corticomedullary junctions are well- demarcated, and the pyramids and papll'lae are unremarkable. The calyces and pelves are not dilated, and the ureters are patent to the bladder, which contains approximately 300 ml of clear yellow urine. The bladder mucosa and wall are intact, with unremarkable trabeculations.

MUSCULOSKELETAL SYSTEM: The firm, red-brown muscles are without evidence of focal lesions. The skeleton has been described above.

HEAD AND CENTRAL NERVOUS SYSTEM: The soft tl~ s~ -s an-~d m- "uslc esfoth -e-scalp are intact and unremarkable. The skull has been described above. There is no epidural, subdural, subarachnoid, intraparenchymal or intraventricular hemorrhage. The leptomeninges are thin and delicate. The arteries at the base of the brain are unremarkable. The dural sinuses and floor of the skull are intact and unremarkable. Externally and on sectioning, the cerebral hemispheres, deep brain nuclei, cerebellum, brainstem, and uppermost cervical spinal cord are bilaterally symmetrical and unremarkable.


FINDINGS: I. HANGING A. LIGATURE ABRASIONS OF ANTERIOR AND RIGHT SIDE OF NECK B. LIGATURE RETAINED 2. MULTIPLE BLUNT FORCE INJURIES: CUTANEOUS LACERATIONS, ABRASIONS AND CONTUSIONS OF FOREHEAD, TORSO AND UPPER AND LOWER EXTREMITIES 3. DILATED CARDIOMYOPATHY (500 GRAMS) 4. HEPATOMEGALY (2,070 GRAMS) AND SPLENOMEGALY (210 GRAMS) 5. CLINICAL HISTORY: ALCOHOL ABUSE WITH WITHDRAWAL SEIZURES, AND ASPERGER SYNDROME

Page 4


M.D. Hunter, M.D. A.P. Hart, M.D. E.G. Moffatt, M.D. H.S. Narula, M.D.

CITY AND COUNTY OF SAN FRANCISCO Office of the Chief Medical Examiner Medical Division

Case No. 2015-1223

Name: MURDOCK, IAN Date & Time of Necropsy: December 29, 2015 0900 Hours


CAUSE OF DEATH: HANGING —

NAME: MURDOCK, !AN CASE NO: 201612237

ANALYTICAL RESULTS:

SPECIMEN TYPE COMPOUND RESULT UNITS ANALYSIS BY

Blood (Peripheral) Vitreous Humor

Blood (Peripheral) Blood (Peripheral) Blood (Peripheral) Blood (Peripheral) Blood (Peripheral)

Urine Urine Urine Urine Urine

Ethanol Ethanol

Chlordiazepoxidel Nordiazepaml Diazepam Oxazepam Temazepam

Chlordiazepoxide Nordiazepam Diazepam Oxazepam Temazepam

SUBMISSION DATE: 12/31/2015 M. E.: AH REPORT DATE: 05/09/2016

0.21 0.24

c/o (w/v) HS-GC-FID % (w/v) HS-GC-FID

1200 ng/mL 230 ng/mL 45 ng/mL 9 ng/mL Confirmed Present*

Confirmed Present Confirmed Present Confirmed Present Confirmed Present Confirmed Present

LC-MS/MS LC-fvfS/MS LC-MS/MS LC-MS/MS LC-MS/MS

LC-MS/MS LC-MS/MS LC-MS/MS LC-MS/MS LC-MS/MS

COMMENTS
Report prepared by MM. MM


~ d


ANALYTICAL PROTOCOL:
Specimens submitted were subjected to Analytical Panels A and B, Analytical Panel A employs HS-GC-FID to detect and quantify ethanol~ methanol, isopropanol and acetone and may also detect other volatile compounds which would require additional analyses for confirmation and/or quantitation. Analytical Panel B employs Biochip Array Technology, GC, GC-fvfS .and/or LC-MS/MS to detect, confirm and/or quantify Amphetamines, Barbiturates, Bath Salts I & II, Benzodiazepines, Benzylpiperazines, Buprenorphine, Cannabinoids, Chloral Hydrate, Cocaine, Ethyl Gfucuronfde (EtG), Fentanyl, Haloperidof, Ibuprofen, Ketamine, Lysergic Acid Diethylamide (LSD), Meprobamate~ Mescaline, Methadone, Opiates, Opioids, Oxycodone, Phencyclfdine (PCP), Phenylpiperazines 1. & II, Propoxyphene~ Salicylates, Salvinorin, Synthetic Cannabinoids I, II, !II, IV & V, Tricy~lic Antidepressants

Door Muria: Je eenzijdige MS haat straalt er vanaf. Onderzoek doen is meer dan alleen het zoeken naar je zelfbevestiging.
Een bedrijf dat gedwongen werd om te splitsen is: [ur] https://en.wikipedia.org/wiki/Breakup_of_the_Bell_System [/ur] Er zouden er meer moeten volgen Apple Google IBM etc. Allen bereikte een bijna monopolie zonder een controlerende instantie. Bij auto-s zijn er maar een paar fabrikanten over. Kennelijk werkt de regulering daar wel. Met de chips-bakkers heb er ook nog maar een handvol. Die hebben zo te zien ook geen onbeperkte vrijheid er zijn kennelijk lobbies aan het werk. Je wordt nu links en rechts gepasseerd door IOT en big data.

Door Anoniem: Dat belooft wat.
http://webwereld.nl/software/94222-windows-10-patch-fixt-weinig-maakt-powershell-stuk

Door Muria:
Het zijn niet mijn woorden, het is de Amerikaanse justitie die dit heeft uitgezocht en opgeschreven.

Door Muria:

Ter herinnering: het ging over het bewust kapotmaken van standaarden: