HUGE "bug" in OS X? Hmmmmm...

hulkaros

hulkaros

The Incredible...
According to this:
http://lists.netsys.com/pipermail/full-disclosure/2003-July/010910.html

This:
http://www.osnews.com/
or this:
http://www.osnews.com/comment.php?news_id=3961

Here is the piece:
"Delfim Machado made public a way of crashing a password-protected screensaver and thus giving full access to the user account that the screensaver was running under. All a user has to do is to keep pressing any key for 5 minutes or so and then pressing Enter. Delfim Machado contacted Apple's Security department with his discovery, but when he didn't hear back, he decided to go public."

For me in all OS X.2.6 based systems that I tried the "bug", I could not reproduced the it...

What is this? Dark Side FUD? :rolleyes: Is Steve Balmer behind this? :p

What gives? What say you people? :D
 
Tested it for half an hour (while I was out, of course). It seems the text field on the password screensaver fills up eventually, but there's no crash. The screen saver stays securely locked.

I suspect whoever filed this bug report is only talking so much baloney.

(Running Mac os X 10.2.6)
 
Looks the same way for me too. The system might crash if it was too busy doing other stuff but i really doubt for only that. I'll try it eventually if im bored and have an hour to spend (so i can tell that it ddnt crash for an hour so i quitted).
 
Originally posted by wiz
BOOM!
Click to expand...

What do you mean by BOOM? You tried it and that "bug" worked on your OS X.2.6? :confused:

Have you installed all system updates? And still that thing worked? How did you install your OS X.2 system? Did you upgrade your older OS X.1.x system or you did a fresh install? What about your permissions? Are those fixed?

Can you be more specific instead of just BOOM us? Or you are having fun? :rolleyes: :D
 
I call complete and utter bull sh!t

I tried this several times, each time entering upwards of 1500 characters in the password field. No dice. Screen saver did not, I repeat, NOT crash.
 
Originally posted by Darkshadow
<ahem> hulk, you are getting after someone for just typing BOOM! ? That's a good one... :D
Click to expand...

Of course! That's by now a trademark of mine or should I say Steve's? :rolleyes: :p

Seriously now it was not for the BOOM! It was more like about the reason behind it! Have you seen Reloaded? Causality! :p Cause and effect! ;)
 
yea sry should't have said BOOM! ... but...

BOOM!


yea just havin fun... no dosen't work..
 
The Screen Saver crashes when I try it, 10.2.6 first rev 17" iMac, no haxies or anything.
 
Originally posted by Snowball
The Screen Saver crashes when I try it, 10.2.6 first rev 17" iMac, no haxies or anything.
Click to expand...

...here are some questions:
-Have you installed all system updates via Software Update or other sites?
-How did you install your OS X.2 system? Was it an upgrade from an older OS X.1.x system or it was a fresh install?
-Are your system permissions ok? I mean did you run Disk Utility or something to check/fix them?

Please let us know...
 
it crashes on mine too. One good way to get lots of characters is to select all the little dots in the password field and hit ctl-k which cuts them (like emacs) and then ctl-y which pastes them. I put about 2000 and it workes every time but doesn't for about 1500.

I don't have any haxies either, but I did an upgrade from 10.1. I'm using a screensaver called "blank" which just fades to black.

It also works for the login window, but it breaks aqua rather than bypassing security. I am dumped into Darwin login screen (similar to >console) and asked for my password unix style.

Any other questions be sure to ask, for this problem is highly reproducible for me.

OSX.2.6
266 Mhz iMac
256 Megabytes RAM
nothing but screen saver running OR lots of stuff running
 
Crashes here too. Fill the password field, select the characters, ctl-k then hold down ctl-y for a few seconds and hit enter. 10.2.6 nothing special.
 
This is a fresh install no more than 2 weeks old, all straightforward and updated. Permissions haven't been repaired, but I think this isn't limited to my machine evidenced by the other replies.

I created the crash the non-geek way by putting an object on a letter key and hitting enter about 10 minutes later. Basically the screen froze for about 1 second, and then it just crashed. There wasn't a crashed program dialog either, but there was an entry in the crash log.
 
Wow!
Ok, yes. It does crash on mine.

I have a powerbook G4 17" on 10.2.6 with 1 GB RAM.

Funny thing is... I NEVER KNEW ABOUT CTRL-K and CTRL-Y!!! Of course, command-C (copy) and command-V (paste) is disabled on the screen saver, but apparently there's this other way to copy and paste with the control key??!! Crazy.... what other Control Key functions are there? Anyway yes it crashed.
 
Sorry, but here it doesn't work. I too put an object (Tordek the dwarven fighter) on a key, then pressed return 5 minutes later. No crash.

But since I was there trying, I tried command+alt+del, and discovered that escapepod (an Ambrosia software utility) can force-quit the password protected screensaver... not nice.
Now I'll manually start escapepod only when doing hw intensive tasks (eg playing Jedi Outcast) then log out.

10.2.6 (all patches run) corbon copy cloned on this machine from my previous, updated from 10.1, updated from 10.0, some haxies (ASM, WindowShade, TinkerTools). BSD subsystem installed (anyone who could crash the screensaver, did you install it? Maybe this is the difference).
 
Has Apple made any comments on this? I'm curious to know what they have to say on the matter.

-keris
 
You must log in or register to reply here.
Back
Top