afreak.ca

In recent releases of Mac OS X (as of this date, Lion is the most recent), Apple has bundled a parental control feature that allows a guest user environment separated from everybody else to log in with limited abilities. The control panel that configures it allows you to limit Internet access, what applications can and cannot be launched, and how much time the guest user may have on the machine per day. It’s pretty handy if you have children, if you wish to create a kiosk of sorts, or if you would like to share a machine with guests visiting your home.

The way the parental controls appear to function is that it limits you within the Finder for application control. This means that the Finder dictates what you can and cannot launch and what you can do within the computer. For those who are unfamiliar with OS X, the Finder is akin to Explorer in Windows.

However, since it’s the Finder that controls everything, it is possible to break out of the sandboxed environment and do more than what you are permitted to. Here are some things I figured out that you can do:

• Even if you’re limited to what you can do within the Finder with regards to file access, allowing an application that opens text files permits you to browse the files on the machine. This means that you can in theory pull up configuration files and so forth within TextEdit and then edit them without having to find them within the Finder.
• Help files can be launched without any limitation.

I had hoped to add more into the points, but during the experimentation process I didn’t do any sort of note-taking.

Keeping in mind that since you can freely browse files and the Finder is in control of what you can launch, it is possible to create a hole for launching any application freely if you do not limit certain applications. For example, if you were to go and allow one to run Quicksilver or Steam, it is possible to launch the Terminal.

During my tests, I used Steam as an example and went about doing the following:

1. Had Steam allowed within the guest environment to be executed.
2. Logged into the environment and then logged into Steam after entering a one-time code.
3. Added Terminal as a non-Steam game (or application in this case).
4. Able to launch Terminal.

What this means is that to rely on OS X’s parental controls, you’ll have to take into account any applications that can launch other applications are a potential loophole. It appears that after logging out that OS X will wipe any data that is created during the login session, but it still doesn’t mean that privilege escalation is impossible using this technique.

Side note: My girlfriend had decided to let me play with her Macbook Pro by putting me in a guest environment. I am not sure how it got to this point, but we started to limit the applications I could use after I said I probably could break out of the sandbox she created. This is how I came to determine the above.

I have been meaning to write about my attendance at DEFCON 19 in Las Vegas last month and finally I am writing about this before I disappear off to Mexico for a week. Needless to say, the conference was well-worth the trip to Vegas and I am definitely attending again. The only negative thing I have to say in regards to it is the fact that it was 43 C every single fucking day.

One of the things that I found interesting about this trip to the United States was that this was the first-ever venture into that country where I was flying domestic. If you fly out of Vancouver to Las Vegas, you’re looking at a 80% premium compared to flying out of Bellingham, Washington, which is only 45 minutes from where I reside.

Most of my photos from DEFCON were taken with my smartphone during the course of the weekend and consisted of friends of mine. What you see here are just an excerpt of what had occurred over the weekend.

Wall of Sheep is something I have heard of for years and it is quite legendary. What was sort of depressing was that I was seeing familiar hostnames appearing on the screen during the course of the weekend. People tend to wonder why I don’t bother with a wireless network at home and this really the reason for my decision.

A coworker of mine was amongst the group that had decoded the mystery that was this year’s DEFCON badge. I took a swing at it personally but got lost part-way through.

This charge station caught my attention as did many others because not only was it a charge station at DEFCON but it was a station with a screen. Upon inserting a cable into your mobile device, the screen changes and asks you why you’ve done that but graciously charges your phone without doing anything nefarious. When I first saw this, I immediately began to wonder who in attendance would be gutsy or naive enough to try this.

Hacker Jeopardy was definitely worth watching. One funny story about this event was that a friend of mine from IRC had went and posted QR codes all over the Rio during the course of the weekend. I cannot remember what they did besides display a message telling people not to be idiotic and scan them. He got the bright idea to get the girl on the stage during Jeopardy to wear one of the codes around her legs (she was effectively down her underwear at this point) and had a whole bunch of males run up and take photos. Hilarity.

IOActive had put on an impressive show during Saturday evening. I had an opportunity to attend their other event during Blackhat but I decided to not do anything with my pass and socialise instead.

A bit of a sideshow to DEFCON, but a bunch of us opted to go visit the Pinball Museum which was a bit east of the strip. I definitely had a great time and found myself mastering a German pinball machine modeled around Super Mario World.

It is unlikely that I will be in Vegas for next year but I will most likely be at HOPE in New York as I have been asked to help out. I also have plans to give a talk on a project that I will be discussing later this fall.

One of the proudest things I have the ability to claim is being a part of the group that got Maker Faire to Vancouver. For the un-initiated, Maker Faire is effectively a science fair of sorts that isn’t limited to the confines of a school gymnasium and is intended to attract participants of all ages. I think that once you take a look at the website that you’ll be more than interested in attending.

Derek Anderson, Joe Bowser, and I have all been talking about doing a long-range wireless project for several months. After sourcing parts and doing some minor tests, we have the pleasure of announcing our Maker Faire project for 2011. Here is the summary of our project as presented on the Maker Faire website:

Microwave Communications is a project aiming to use commodity hardware to create point-to-point networks over long distances. Its goal is to provide an open source model allowing anybody to create network links that span several kilometres and more with a cost that many can afford. The usefulness in an affordable solution would be to provide those who are out of range of broadband services to have access to them or for small businesses or organizations be able to span their networks cheaply.

Derek Anderson, Joe Bowser, and Colin Keigher are active hackers in the Metro Vancouver area.

How cheap? Let’s just say that if you have a Sir Robert Borden lying around that it is expected to cost just less than one of him. Here’s a photo of us messing around with our hardware:

Our first test should be shortly and we plan to have a live setup for Maker Faire this year. I highly suggest that you check out other makers too!