Ralf’s Blog

I was pointed by a colleague that ARDAgent can be exploited locally to gain “root” privileges under MacOS 10.4 and 10.5. A quick search on Google turned up this post on Macworld that gives some details about this issue.

To check whether you’re vulnerable type the following in a Terminal window:

osascript -e 'tell app "ARDAgent" to do shell script "whoami"';

And if it says root you are vulnerable. To quickly protect you type the following:

sudo chmod u-s /System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/MacOS/ARDAgent

I was very happy to see that there’s TrueCrypt for the Mac, a disk encryption tool I really like and use since a long time on my Windoze PC.

Quickly I installed it. The installation went smoothly, and a quick test was successful. However, when I played some more with it, I found a strange oddity which I couldn’t clarify myself. I doubt that it’s because I’m a new Mac user, but I rather think it’s a quirk in TrueCrypt. Let’s see whether anyone can reproduce the issue, and whether it will be fixed (shortly).

Anyway, this is a tool that you should definitely use when you have confidential data on your laptop.

One of the first things I did when I got my new Mac was install Mozilla Thunderbird, the invaluable EnigMail extension, which is a very easy-to-use frontend to GNU Privacy Guard (GPG), and of course GPG itself.

All went very smoothly, and to check whether the installation was fine I tried to opened an encrypted message which I had received some days ago. Unfortunetly GPG couldn’t decrypt the message. A quick look at EnigMail’s console window told me that the message was encrypted using IDEA, and that the version of GPG I had installed was lacking support of that encryption algorithm.

(more…)