Questions tagged [macos]

macOS (formerly Mac OS X and OS X) is a series of Unix-based graphical interface operating systems developed, marketed, and sold by Apple Inc.

2 votes
1 answer
79 views

MacOS: How to verify dialogue box is genuinely from Apple (not Malware)

A class of dialog boxes, similar to the one above, is a persistent nuisance on a Mac instance. How does one verify a dialogue box is genuinely from Apple (not malware)?
gatorback's user avatar
  • 1,553
0 votes
0 answers
33 views

Is it really a good idea to check downloaded PDFs on VirusTotal? [duplicate]

I often download PDF and DjVu files from shady websites. Is it a good idea to upload them on VirusTotal first or is this not really practically necessary? I often download 5 different versions of the ...
jsx97's user avatar
  • 109
1 vote
0 answers
40 views

macOS Parallels firewall configuration?

I use Parallels to run different types of OS (Windows, Linux) on the macOS ARM64. I would like to improve the overall security of the machine to be able to connect to a LAN or Wi-Fi and still have a ...
Dev1n.101's user avatar
0 votes
0 answers
122 views

Storing APFS password in Apple's Keychain for Time Machine

If you are using an encrypted APFS container, for example, to encrypt the Time Machine, whenever the physical disk is plugged in, MacOS asks for a decryption password with an option to store it ("...
Alex's user avatar
  • 233
2 votes
1 answer
2k views

How to implement Wi-Fi deauthentication attack on mac

I am trying to send "de-authentication requests" with Mac but all the previously used tools don't work. I was using bettercap before; now it says that the deauth packet was sent but nothing is ...
0 votes
0 answers
123 views

Adding custom rules to apple xprotect

I'm trying to build an endpoint protection software on macOS. Apart from ESF or OpenBSM, I need to block and detect malicious software. I found xprotect to be useful, https://www.sentinelone.com/...
daisy's user avatar
  • 2,097
4 votes
0 answers
442 views

Why is non-admin user allowed to do macOS update?

On macOS Sonoma, when I use any non-admin user, I am able to do a full OS update, or to run commands like softwareupdate --install-rosetta. Why is this allowed? I researched a little and came to this ...
Ivan's user avatar
  • 141
1 vote
0 answers
74 views

How reliable is the multipass cli on macOS for pentesting? [closed]

I've been using multipass to quickly spin up VMs on my Mac for some of my CS courses which required a Linux distro, but I'm getting into pentesting and will need a solution. Any advice or opinions on the ...
sleepydrmike's user avatar
2 votes
0 answers
138 views

Is MacOS encryption as secure if FileVault is switched on after installation?

Regarding turning on MacOS' FileVault after it was not turned on for installation, it says here... If FileVault is turned on later — a process that is immediate since the data was already encrypted — ...
Ian Warburton's user avatar
0 votes
0 answers
136 views

Backup to a remote Encrypted APFS drive mounted through Samba. Is this a sound plan?

Say I have a remote machine (something like a VPS) that I have no physical access or physical authority over other than a user on it (with root access). However, I'd like to do Time Machine backups on ...
The Quantum Physicist's user avatar
0 votes
2 answers
362 views

As a security engineer would you be okay recommending macapps.link?

I really like macapps.link as it helps me to quickly install a bunch of software after a fresh install. However, it doesn't have the transparency that Windows alternatives like ninite or winget have.
DoctorRoboto's user avatar
0 votes
0 answers
327 views

USB Drive Malware (.lnk extension) Suspicions: Seeking Advice on Next Steps

I recently encountered a concerning situation involving a USB drive, and I'm seeking guidance on how to proceed. The scenario: I used an older computer to extract photos from a DVD and transferred ...
Aa me's user avatar
  • 1
0 votes
0 answers
123 views

Is it normal for Apple push notifications to use the IRC protocol?

Seeing traffic like this on my network and wondering if it’s normal to see IRC being used in macOS push notifications and if anyone has any idea what the apparently escaped code (based on all of the ...
Patrick Dark's user avatar
7 votes
1 answer
12k views

Understanding ssh-rsa not in PubkeyAcceptedAlgorithms

I am having a problem connecting to an Amazon EC2 Linux instance from an old Mac OS machine running El Capitan. Unfortunately without any possibility to upgrade the OS. Because all the other modern ...
Leonardo's user avatar
  • 173
3 votes
1 answer
2k views

How can an application, using Apple's Secure Enclave on macOS or TPM on Windows, protect itself from other applications accessing its private keys?

I'm interested in using Apple's Secure Enclave on macOS or TPM on Windows to protect cryptographic keys used by an application from being accessed by other applications running with the same or higher ...
Pathong's user avatar
  • 56
0 votes
1 answer
353 views

Can virus survive macOS Recovery?

In what scenarios would a MacOS virus/malware/rootkit/etc (I use those terms to englobe all types of undesirable or malicious software or code) resist a format of the hard drive in MacOS recovery? I ...
ButterKnife's user avatar
1 vote
0 answers
743 views

File encrypted with OpenSSL cannot be decrypted with LibreSSL

First off, please don't turn this question into a LibreSSL vs OpenSSL holy war! I'm just trying to understand the functional differences between them, nothing more. I originally asked this question on ...
MorayM's user avatar
  • 111
1 vote
0 answers
119 views

Password generation algorithm used by MacOS keychain

What algorithm does MacOS use in its keychain system to generate passwords? (using password assistant accessed through keychain app and using Safari keychain). Does it access/is it the GUI for the /...
gamma_ray's user avatar
1 vote
0 answers
579 views

SSH authentication with GPG failing with a new Yubikey with the same gpg keys as the old one

I have a MacBook M1 on which I have been using a Yubikey 5 to authenticate SSH logins to various systems. I recently got a Yubikey 5C so I wouldn't have to use adapters. I moved my keys over to it ...
user28598's user avatar
0 votes
1 answer
227 views

Privacy related to company VPN

Last week my employer sent me a root cert to access the company’s VPN on my personal iMac. When I am connected to the VPN, I’m aware the VPN server can encrypt/decrypt the traffic, but I have some ...
Peter's user avatar
  • 9
1 vote
0 answers
80 views

Apple Magic Keyboards in Public Spaces Man-in-the-middle

Let's imagine that I leave a Mac with wireless peripherals in a public space like a co-working space that might end up with other wireless devices nearby or physical access (say, at nighttime). My ...
lukewalsh's user avatar
1 vote
0 answers
204 views

Is it possible to add a username and a password to a hostname in /etc/hosts? [closed]

Is it possible to add a username and a password to a hostname in /etc/hosts? Like: a.b.c.d username:password@hostname
1n4ho12's user avatar
  • 11
0 votes
1 answer
913 views

How to prevent the recovery of deleted files without a full format of external HDD?

How can I securely delete selected files so they can’t be recovered, but without the full format of the external HDD? Is this even possible? I’m using Mac OS.
account name's user avatar
2 votes
1 answer
1k views

Is it safe to store data on APFS 256 AES encrypted external HDD disk?

I'm using a MacBook and want to store confidential data (financial documents, passwords, private photos, etc.) on an external HDD disk. How safe is setting up APFS AES 256 encryption with disk ...
alexandergill's user avatar
0 votes
0 answers
733 views

Suspicious incoming connection attempts from random IPv6 addresses on local network on macOS

I've been using Little Snitch on my MacBook and for a long time I have had a rule to alert on any incoming IPv6 connection, which would be suspicious since I use IPv4 only. For a couple of days I've ...
Rolf W.'s user avatar
  • 101
0 votes
2 answers
2k views

Objectively, what can you do on kali that you can't do on a mac?

What is so special about Kali? Is there some suite that just runs on Kali and won't on other distros/Mac? Is it just marketed better to the infosec community?
evenzero's user avatar
0 votes
0 answers
94 views

Can code be executed from copying the From field of an Outlook Email?

I received a suspicious email in Outlook and wanted to check the from email field to see if it was still a Microsoft address. I right clicked and selected "copy address" on the From field ...
Daniel's user avatar
  • 1
0 votes
1 answer
4k views

SSL certificate not standards compliant in Safari

I created a certificate authority on my MacBook, and I'm using it to create a wildcard certificate. I have the root CA added as trusted into my system keychain. On Safari, it complains that the ...
MikeA's user avatar
  • 101
1 vote
1 answer
1k views

VPN does not hide true location on the Maps app on Macbook

I am using a VPN (NordVPN). I am seeing the VPN IP in browsers - this is ok. However, when I check the Maps app on my Mac, it shows my true location. How can I ensure that my true location is hidden ...
CyberJ's user avatar
  • 111
0 votes
1 answer
281 views

OS on external drive -- is it safe?

So I'm installing macOS to my external hard drive partition, so I can have a 100% clean environment where I can engage with cryptocurrencies. (Exchanges, stable coins, protocols, putting actual money ...
user277849's user avatar
0 votes
0 answers
146 views

Compromised machine. Should I create a partition or volume to install a clean OS?

My goal is to create a 100% clean environment where I can interact with cryptocurrencies. For that, I can partition my disk or I can create a volume. Which one should I prefer? Some context about the ...
user277849's user avatar
7 votes
1 answer
4k views

Is Mac OS safer to use as far as firmware rootkits, cold boot attacks and evil maid?

Windows machines have things like TPM and Secure boot to help protect against firmware rootkits, but is Mac any safer in these regards? How does Mac work in the boot stage and is it any less ...
Rideboards's user avatar
1 vote
0 answers
307 views

Need help cracking a MacOS Catalina password

I have found the hashes for the stored passwords on my mac, I do not have the administrator passwords, I do have the hashes coming from the /var folder. I have tried decrypting it using hashcat but it ...
ADeveloper's user avatar
2 votes
2 answers
2k views

Cipher suite choice on macOS on Apple Silicon

I have a postfix mail server that accepts these cipher suites: tls_high_cipherlist=ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256: ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384: ...
Synchro's user avatar
  • 767
0 votes
1 answer
377 views

Virus from Embedded Image in Mac Mail?

I'm using macOS High Sierra, and mac Mail version 11.3. I have a script that uses the Twitter API to continually fetch tweets in real-time and send the contents of each of these tweets, including any ...
galpo's user avatar
  • 103
0 votes
0 answers
241 views

When I visit an http://gofile.me/ link, how much information do I provide to the NAS server owner?

There are files I need from a heavy NAS user and they've given me a link of the form http://gofile.me/xxxxx/xxxxxxxxx If my laptop running the Chrome browser in macOS is connected to the internet via ...
uhoh's user avatar
  • 1,409
1 vote
1 answer
1k views

Is it possible to bruteforce Yubikey's PIN when using it as PIV/Smart card?

I'm considering using Yubikey to log in to my Mac. However, in my threat model I have to assume that it will fall into the wrong hands, hence the question: does Yubikey have any mechanisms that ...
jgeoirgnlsfnv's user avatar
1 vote
1 answer
159 views

Read files protected with System Integrity Protection with sudo

I had a debate with a friend about the security model in new OS X versions. OS X El Capitan and newer have the System Integrity Protection security feature which protects aspects of the OS even from ...
Paul's user avatar
  • 633
4 votes
3 answers
11k views

How secure is OpenCore Legacy Patcher?

My MacBook Pro doesn't get major updates anymore, but the hardware still works well. I came across OpenCore Legacy Patcher, which allows installing recent versions of macOS onto older Macs through ...
KooDooMoo's user avatar
  • 141
1 vote
1 answer
254 views

Does MacOS Filevault + Mac hardware obviate lengthy login passwords?

Take the combination of an encrypted disk with a secure enclave chip that never exposes an internal Key Encryption Key and throttles or prevents too many password guesses. Seems to me that this should ...
Purplie's user avatar
  • 11
0 votes
1 answer
302 views

Postgres.app security on a Mac?

I'm wondering if there are any security concerns with installing PostgreSQL on a Mac using the app? https://www.postgresql.org/download/macosx/ I had a look at the data folder and it's owned by me ...
Xoteric's user avatar
  • 33
0 votes
2 answers
2k views

Is Xcode vulnerable due to log4j?

After the log4j vulnerability was announced, I scanned my Mac to see if any applications were using it. find / -name "*log4j*" 2>/dev/null Here's the output that indicates that Xcode has ...
tinkerr's user avatar
  • 101
4 votes
1 answer
12k views

hashcat skipping gpu even if it's recognizing the device and the driver is installed

I'm trying to run hashcat on a MacBook Pro. Running hashcat -I to check the devices' information yields: hashcat (v6.2.5-38-g8b61f60e8) starting in backend information mode OpenCL Info: ============ ...
Francesco Ghizzo's user avatar
0 votes
1 answer
122 views

Mac OS X installation partition integrity

Let's suppose I lend my new MacBook to a (dishonest) friend. This is a fresh new MacBook, just unboxed. My friend does whatever he wants on this MacBook. One month later, he gives me back the MacBook....
Bob5421's user avatar
  • 51
0 votes
0 answers
29 views

Can someone on same wifi access my computer? [duplicate]

I was connected to a hotel Wi-Fi and airport Wi-Fi last week. Some of the files in my Downloads folder have now been compromised (soft keys stolen). Can someone connected to the same Wi-Fi gain access to my ...
xoail's user avatar
  • 101
0 votes
0 answers
26 views

Can work system admin remote into my personal Mac when I connect to work VPN? [duplicate]

I usually connect to my work VPN on my personal Mac and then use Windows Remote Desktop client to access my work computer. Today on my Mac while disconnected from the VPN I noticed the username/...
Tony's user avatar
  • 101
1 vote
1 answer
268 views

How to know which IP address is used for my DNS queries on macOS?

I'm not an expert, only have basic knowledge about all this but I'd like to understand what's going on so please bear with me. I'm currently using a VPN (IKEv2 protocol) on a macOS system and I can ...
spectral-hardware's user avatar
1 vote
1 answer
3k views

How does FileVault work with Time Machine?

Let's suppose a Mac OS computer with two users: user1 and user2. These users are not administrators. FileVault is enabled. The computer is connected to an empty external hard drive for Time Machine. ...
Bob5421's user avatar
  • 51
0 votes
0 answers
183 views

Hybrid-Analysis.com indicates the website that my macOS system is contacting is likely malicious

Backstory: I just upgraded my MacBook from OS X 10.11.6 to the most updated version of macOS, 10.14.6 Mojave. I also have the Little Snitch network filter installed. I know nearly nothing about ...
I_Don't_Code's user avatar
1 vote
2 answers
1k views

Safe or Unsafe to Store Passwords in Chrome on MacOS?

I've seen conflicting opinions on this, more than the below, but i.e. Unsafe: https://www.techrepublic.com/article/why-you-should-never-allow-your-web-browser-to-save-your-passwords/ Safe: https://...
TCooper's user avatar
  • 366
