Mac malware uses right to left character exploit


Check out this jumbled confirmation window. At first glance the message appears to contain a bunch of gibberish, but it can actually be read if you start at the right side and read each character moving left. The text displays like this because it is prefixed by a special Right-to-Left override Unicode character. The technique is being used in malware to obscure the actual extension of the file being launched. Notice that when written backwards your eye can still pick out the string “pdf” which may be enough to trick the uninitiated into approving the launch of the file.

This confirmation screen is launched when clicking on a piece of malware found in the wild a little over a week ago. If you do choose to run it, a decoy PDF file is opened in order not to arouse suspicion. But at the same time the program — which is signed with an Apple Developer ID — is installing itself in the home directory and making a cron job to launch at each boot. Sneaky!
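The mismatch between the stored name and the displayed name can be checked mechanically. The following is an added example, not code from the original post or from the malware analysis: it flags bidirectional control characters in a file name and compares the extension the system acts on with the one a user would see. The sample names are constructed, and `approx_display` is a simplified model of the override behaviour, not a full implementation of the Unicode bidirectional algorithm.

```python
import os

# Unicode bidirectional formatting characters that can change display order.
BIDI_CONTROLS = {
    "\u202a": "LRE", "\u202b": "RLE", "\u202c": "PDF", "\u202d": "LRO",
    "\u202e": "RLO", "\u2066": "LRI", "\u2067": "RLI", "\u2068": "FSI",
    "\u2069": "PDI", "\u200e": "LRM", "\u200f": "RLM",
}
RLO, PDF = "\u202e", "\u202c"


def approx_display(name):
    """Approximate the on-screen string: characters after RLO are drawn
    right to left until PDF or end of name. Simplification of UAX #9."""
    shown, run, overriding = [], [], False
    for ch in name:
        if ch == RLO:
            overriding = True
        elif ch == PDF and overriding:
            shown.extend(reversed(run))
            run, overriding = [], False
        elif ch in BIDI_CONTROLS:
            continue  # other controls are invisible; ignored in this sketch
        elif overriding:
            run.append(ch)
        else:
            shown.append(ch)
    shown.extend(reversed(run))
    return "".join(shown)


def inspect_name(name):
    """Compare the extension stored on disk with the one a user sees."""
    controls = [(i, BIDI_CONTROLS[c]) for i, c in enumerate(name)
                if c in BIDI_CONTROLS]
    real_ext = os.path.splitext(name)[1].lower()
    shown_ext = os.path.splitext(approx_display(name))[1].lower()
    return {"controls": controls, "real_ext": real_ext, "shown_ext": shown_ext,
            "spoofed": bool(controls) and real_ext != shown_ext}


# Constructed sample names (not taken from the malware described above).
SAMPLES = ["notes.pdf", "Report_\u202efdp.app", "budget\u202excod.exe"]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(ascii(sample), inspect_name(sample))
```

A mail gateway or download scanner can apply the same comparison to attachment names and quarantine anything where `spoofed` is true.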

Apple MagSafe protocol hacking


[Ken Shirriff] was interested in how the Apple MagSafe works. Specifically he wanted to know what controlled the LED on the connector itself so he tore one open to see what is inside. There’s a chip present and he didn’t waste time figuring out how the MagSafe communication protocol works.

The DS2413 chip he found on the MagSafe’s tiny little PCB has just six pins. Two of these control a pair of LEDs, which give the indicator its color range. Another pin is used for 1-wire communications. When polled the charger will return a 64-bit identification number that includes a variety of information. [Ken] looks into what data is offered from several different models of charger by using the Arduino setup above. But the results are not entirely straightforward, as he discusses in his article. The 1-wire protocol is also used to switch the LEDs. This process is the responsibility of the computer being charged, but [Ken] shows how the colors can be cycled using an Arduino (with a couple of 9-volts as a source instead of a connection to mains).

Apple MagSafe cord repair

[Tommy Ward] had a big problem with the cord for his laptop power supply. This thing’s not cheap so he figured out a way to fix the frayed cord on his Apple MagSafe. He asserts that the shortened rubber collar on the plug end of the cord is to blame for this type of damage. We think rough use may have something to do with it too, but having had to repair our own feline-damaged power cords we’re not about to start pointing fingers.

To pull off an appropriate fix [Tommy] pries apart the case housing the power converter. This lets him get at the solder connections of the cord. After removing it from the circuit board he clips off the damaged portion of the cable. To reuse the strain relief grommet he drilled out the old portion of wire and insulation, making room for the undamaged cable to pass through, adding a cable tie on the inside to aid in strain relief. The last part of the fix involves gluing everything back together.

If your power supply problems have to do with the computer connector itself there’s a fix for that too.

Hacked together Mac isn’t a hackintosh


Check out this 20″ iMac. Notice anything peculiar? Look closely at the branding above the Apple logo. The only thing that tips you off that this iMac is a hacked together unit is that Acer logo on the replacement screen.

As we’ve so often been caught doing, [Flippy] was browsing eBay for deals. It’s a dangerous activity because you end up falling into purchases like an Aluminum iMac for $35. That led to the purchase of a very slim LED LCD monitor to use as the display. It fits perfectly behind the iMac’s glass bezel, which has a tiny chip in the upper right corner that doesn’t bother [Flippy]. It’s thin enough that this actually left room for him to add in the guts of a MacBook Pro which he had sitting in his unused parts pile. With all of the main components accounted for the rest is really just logistics like routing all of the cable connectors and adding openings for USB ports. What he ended up with is a high-end computer for a low-end price.

Mac EFI PIN lock brute force attack (unsuccessful)

[Oliver] wiped the hard drive from a MacBook Pro using the ‘dd’ command on another machine. This does a great job of getting everything off the drive, but he was still faced with the EFI PIN lock protection when he tried to put it back into the Mac. You used to be able to clear the NVRAM to get around this issue, but that exploit has now been patched. So [Oliver] set out to use a microcontroller to brute-force the EFI PIN.

You can read his back story at the link above. He had the chance to enter a 4-digit PIN before the format process. Now that he’s wiped the drive the code is at least 6 characters long, which is a lot more possibilities (at least it’s numeric characters only!). To automate the process he programmed this Teensy board to try every possible combination. It worked great on a text editor but sometimes the characters, or the enter command, wouldn’t register. He guesses this was some type of protection against automated attackers. To get around the issue he added different delays between the key presses, and between entering each code. This fixed the issue, as you can see in the clip after the break. Unfortunately after two 48-hour runs that tried every code he still hasn’t gained access!


160 Mac Minis, One Rack


[Steve] needed an alternative to the Xserve, since Apple stopped making it. His solution was to stick 160 Mac Minis into a rack. That’s 640 real cores, or 1280 if you count HyperThreading.

First, [Steve] had to tackle the shelving. Nobody made a 1U shelf to hold four Minis, so [Steve] worked with a vendor to design his own. One challenge of this was managing the exhaust air of each Mini. Plastic inserts were designed to ensure that exhaust wasn’t sucked into the intake of an adjacent Mini.


Building an ARM cross compiler on OSX


We’ve tried building our own ARM cross compiler on a Linux box and it’s no picnic. Luckily there is a free cross compiling toolchain available through Mentor Graphics (formerly called Code Sourcery G++). But those looking to develop on a Mac aren’t so lucky. There is help via a script, and [Michael] wrote a guide detailing how to use crosstool-ng to build an ARM toolchain on Mountain Lion.

Crosstool-ng is a script which automates much of what is needed when compiling all the different components. But there is some groundwork that needs to be in place before you can run it. For instance, some of the tools that ship with OSX aren’t entirely compatible with the GNU tools the script is looking for. One example is ‘grep’. Mountain Lion has the BSD version of grep but it is missing a few of the GNU version’s commands used by crosstool-ng. [Michael] will guide you through this and a handful of other issues until you have a functioning toolchain up and running.