Is My Mac Repair Shop Hacking Me

Some Apple Macs have a particularly terrible flaw that lets hackers sneak in and remain undetected, a security researcher has found.

UBreakiFix DC Expert MacBook Repair. Apple designed its laptops to be the most powerful and portable tool around. But one slip or spilled drink and you could find yourself in need of MacBook repair. UBreakiFix DC is here to help you with any Apple Mac repair you might need. Our store is located at 3510 Connecticut Avenue NW in Washington, DC.

  1. Repair guides and disassembly information for Apple's Macintosh personal computers. Mac troubleshooting, repair, and service manuals.
  2. Apple Mac devices have a great reliability reputation, but high-technology devices can go wrong at any time, and your computer will also be vulnerable to damage which will leave you needing something like an Apple Mac screen repair, software or hardware installation services and upgrades, or even a water damage repair.

It means a hacker could -- from far away -- force a Mac into a coma. Personal, corporate or government Macs could be spied on in a way that even the best security checks wouldn't discover -- until it's way too late.

'This is scary,' said Sarah Edwards, a forensic analyst at the SANS Institute who specializes in reviewing computers for evidence of hacks. 'I would never see this. There could be funky stuff going on in the computer system, and I would never know why.'

What makes this one so bad? It's a computer bug that runs especially deep in the machine.

All computers have some kind of basic input/output system (BIOS), the core program that brings a machine to life. It's the kind of thing you should never tamper with. And it should obviously remain heavily guarded.

But Macs purchased one year ago or before, apparently, leave a door open.

When a Mac goes into sleep mode and wakes back up, it allows direct access to the BIOS. It's a weird quirk that lets someone tamper with the code there. That's what was discovered recently by Pedro Vilaça, a curious independent computer security researcher in Portugal.

He revealed this vulnerability publicly in a blog post last Friday. He told CNNMoney he alerted Apple directly soon thereafter.

Apple(AAPL) did not respond to questions about this flaw -- nor would it say when it plans to release an update to fix it.

Several cybersecurity experts confirmed to CNNMoney that this is a real problem, and they plan to research further in the next few weeks.

This isn't an easy hack. An attacker first needs administrative access to a machine. But what this means is that if a Mac gets hacked with a low-level computer virus, it can bury so deep you'll never find it.

That's the real problem here. It gives hackers more time to plot a massive bank heist or a huge corporate takedown, like the Sony Pictures hack.

So, who's in real danger? High-value targets: think company executives, bankers, politicians, the wealthy, journalists, or anyone else worth spying on for a long period of time.

The average Mac user doesn't have to worry about this one, because they're actually susceptible to cheaper, easier hacks -- that are easier to spot and fix. So says Katie Moussouris, an executive at HackerOne, which helps companies fix dangerous computer bugs.

Mac

Tod Beardsley, a security research manager at cybersecurity firm Rapid7, stressed that most Mac users aren't likely to get hacked because of this bug. He said the flaw is 'certainly surprising ... but the bar of difficulty is pretty high.'

This is the second major flaw in Apple devices discovered in the last week. Recently, people discovered that you can crash someone's iPhone simply by sending it a text message.

Vilaça decided not to name this bug. But every major computer flaw nowadays deserves a name. Given that it involves a poisonous kiss that wakes a sleeping Mac, Moussouris suggests this one: Prince Harming.

CNNMoney (New York) First published June 3, 2015: 12:37 PM ET

Back up, wipe, reinstall, migrate in only docs, change all passwords on mail and Wi-Fi and all connected devices.


Meme

Don’t discuss trading or financials outside strictly necessary conversations, and don’t expect add-on security software or hardware products to actually do what it claims, and do expect at least some of those products to potentially open up new avenues for exploitation.


Don’t run a guest network. Or if you do need a guest network, isolate it. WPA2 with a long pre-and complex shared key,


Use a password manager.

Is My Mac Repair Shop Hacking Memes


Safari on recent releases can show shared passwords, with a warning triangle in its password store. (Safari uses Keychain for storage, but the caution marker is something that only Safari shows and nor Keychain.) Remove most or all duplicates, when you’re changing passwords everywhere.


Backups, wipe, reinstall from known-good, change all credentials, enable multi-factor authentication where that’s available.

Is My Mac Repair Shop Hacking Message


Backups are a key part of breach recovery.


Notify your financial institutions. Also notify your local police.

Oct 27, 2018 10:00 AM