Hacker News new | ask | show | jobs
by Siguza 3094 days ago
Needs to be running on the host already (nothing remote), achieves full system compromise by itself, but logs you out in the process. Can wait for logout though and is fast enough to run on shutdown/reboot until 10.13.1. On 10.13.2 it takes a fair bit longer (maybe half a minute) after logging out, so if your OS logs you out unexpectedly... maybe pull the plug? And maybe don't download & run untrusted software until the bug is patched (or, you know, ever)? Also, any decent antivirus shouldn't take long to add this to their malware definitions.

Not sure if this is HN-level, but... I hope it's understandable.
2 comments
antaviana 3094 days ago
Indeed, I always buy iMacs instead of MacBooks because I can actually pull the plug whenever something takes longer than anticipated.
link
tomduncalf 3094 days ago
You can just press and hold the power button to shut a Macbook off. I assume this is a hardware level interrupt as I’ve never seen it fail. Granted not quite as satisfying as physically pulling the plug!
link
bluedino 3094 days ago
When they had power buttons you could
link
jsmthrowaway 3093 days ago
They still do, it just also does Touch ID now. Source: Have one.
link
zulln 3093 days ago
It should not be too hard to build in a hardware-switch. Sure, it would take some time but think I would prefer that over always being stationary.
link
sigjuice 3094 days ago
Pulling the plug is a bit extreme. Perhaps you might consider logging on from another computer to troubleshoot?
link
geekamongus 3094 days ago
> Also, any decent antivirus shouldn't take long to add this to their malware definitions.

Have Mac users finally started running antivirus?

link
j0hnml 3094 days ago
Apple actually creates some signatures in house with “XProtect”, but I’m not sure they do the same for raw privesc exploits. I’m also not sure how thorough they are with their signature creation...
link
Siguza 3094 days ago
Well, that I don't know...
link
oneplane 3093 days ago
Some of them. But mostly of prevent forwarding windows-malware. Most corporate-managed stuff has endpoint protection, and most end-users are covered by GateKeeper, XProtect and the standard Google safe browse whatever it's called thing. And since most of the basic users simply use webmail, that vector is covered as well. It's not as bad as it once was.
link
biehl 3094 days ago
No
link