
> That would be reminiscent of many past macOS security issues: processes are treated differently based on their code signature and entitlements, and sometimes that has unexpected consequences.

Hmm, I wonder if this is the root cause of something my friend group found in high school. We had macs that were locked down and I think it was something the system did vs third-party software but I could be mistaken. Pretty much you could only launch certain applications and you couldn't edit any preferences/settings for the system. Being kids we wanted to play Starcraft so I brought in a bunch of copies to play during our free period. Unfortunately you couldn't launch the Starcraft app. I still don't remember how we even figured it out but you could go into Safari and change the default browser to Terminal, then you could open up a word doc, type a link, and click it (or anything that would cause the system to open a link when you weren't already in a browser). That would launch Terminal but with a level of permissions that you couldn't get by launching it directly (or maybe it was that we couldn't even open Terminal directly, it's been a while). Once you had this "system-permissions-Terminal" launched you could type "open /path/to/Starcraft/launcher" and boom, Starcraft would launch and it was off to the races.

Good times. Our teacher questioned how we could play games and if it was allowed but was placated with the explanation "The computers are all locked down so the ability to play this game means it must be ok to play". A bit of circular-logic and misdirection but this was still in a period where all the teachers were woefully behind on technology and how it worked.




Oh man, this reminds me of my own experience with early computers in the classroom. Back in these days there were two computers in each classroom. One for the teacher and one for the students to share. Generally, students never used the single computer because what is the point, there's only one. My AP Calc teacher's "student" computer was broken. The school IT department couldn't be fussed to fix it, so we asked if we could and we did. As a reward for fixing the computer, we were allowed to use it. We played GTA (original) every day. One person was back there at a time during lecture. Your goal was to find a flame thrower and a chain of joggers, we called them the school children. If you killed all the joggers in the chain you got a big bonus. You can see where this is headed. Once you got the flame thrower and the school children on the screen you announced it to the class, lecture would stop, you'd flame thrower the school children while everyone watched, and then you traded off to the next person and the lecture continued. All but one person passed the AP exam that year.


Ahh yes, I helped fix computers throughout my time in primary education to the point I'd get pulled from classes to help sometimes. I had cemented my "status" back in elementary school when I was a "computer genius" because I knew how to mount the network drive then open and save files to it (which led to me being tasked with helping everyone else of course lol). I used to take every single chance to put my hands on a computer and it paid off in present day when I get paid to do it.


Not related to Macs but coincidentally StarCraft was also the first time ever I "cracked" a game. ^^

For whatever reason, the copy protection was not recognizing my game disc (apparently only worked on Windows 95 but not 98 as I found later).

This was my most anticipated game yet, so I made myself learn Windows/PC debugging on the spot — without the internet — which basically amounted to single-stepping through every line of disassembly in Visual Studio until the disc error message, then working backwards from the very last "jump" instruction, flipping the condition of each jump (I think it was JZ to JNZ or vice versa), until finally I found the 2 bytes (or was it 4) that took me to the blessed menu music that I can still recall. :)

Of course I had nobody to show my achievement off to and it wasn't even a moment of pride or anything, just relief and sheer happiness as I was about to get lost in what would become one of my most favorite games of all time.

(P.S. I hate what they did to the story in StarCraft II)


Impressive! Broken video games motivate a lot of learning.

When I was a teenager, we had three game-capable PCs, but only two had LAN cards. I also had an underpowered LAN-connected Linux machine. I connected the non-LAN PC to the Linux box with a parallel cable. Linux could route packets between the LAN and parallel-cable network. But DOS games find each other with local broadcasts which don't forward. No game had a function to specify a network address to connect to. I needed to bridge the networks. Linux could bridge ethernet, but the parallel network wasn't ethernet. So I copied the source of a kernel module and modified it to bridge IPX packets between the LAN network and the parallel-cable network.

It worked! My friends and I could play THREE-PLAYER games! DN3D, C&C Red Alert, Quake, Descent, Terminal Velocity, etc. Network drive sharing even worked. It was glorious.

Nobody around me understood what I had done.


That’s even more impressive!

Games with more than 2 players each with their own private screen was where the PC really started to come into its own as a gaming platform.

But now I miss couch multiplayer with friends trying to yank or knock the gamepads out of each other’s hands..


Hahaha this is great. Reminds me of my first suspension from school when I used MS Word hyperlinks to get to all the drives "hidden" by the network admins. This included the homework mailbox drives, so naturally I found my least favourite teacher's inbox, hid the folder with the work in it and then created a pair of links pointing to one another. Good times. I wouldn't have been found out if I hadn't removed the graphic for the login screen and replaced it with the Christmas version in May... and then bragged about it when everyone in my class noticed.


Bragging, a very similar thing was my downfall back when I was much younger.

In middle school I had this weird idea to collect everyone's ID number. It, coupled with your name, would log you into everything on the computers. To this day I don't know why I wanted this info other than to have it. I never once used it for any purpose, I think I tested 1 or 2 but never touched any files. I had a HyperStudio stack (saved to my network drive) that had hidden buttons and a certain sequence you had to press them to get to the "database" (just a text entry field that I saved 1 name and 1 ID number per line). It was painfully easy to collect the numbers as most kids had their class schedule on the outside or inside of their binder they carried around. The ID number was only 6 or 8 digits so it was easy to memorize, write down, and store in HyperStudio later.

But alas, stupid younger me thought it would be a good comeback to rattle off someone's ID number when they were picking on me one time which led to a 3 day in-school suspension and loss of computer privileges till the end of the year. They made me show the IT guy where I had stored the numbers (how to navigate my HyperStudio project) and phrases like "hacking" and "hacker" were thrown around even though this was literally equivalent to writing the numbers in a notebook but since I had used a computer to store the data it became a way bigger thing in their minds. Even "funnier" (not to me at the time) I had a friend that helped me collect the numbers (again, this was stupid easy, felt like a fun game to figure out how to get it, and who could collect more the fastest) who got a lighter punishment and didn't lose computer access.

Fast forward to high school and I ended up writing 2 different PHP-based apps for the school. A library attendance program that teachers used to mark that they were sending kids to the library that the library could see (so they didn't just skip school I guess? Or goof off in the halls) and to keep track of who was in the library and how long they had been there. I also wrote an online voting platform for the school that they could re-use for things like Homecoming court/Prom court/Senior superlatives/etc. The reason I bring up both of these? The high school gave me a massive CSV of all the students in the school.... and their ID number to be used for login to the platforms. I still get a good chuckle out of that.


It's funny how changing grades is a pretty common trope but surprisingly not that hard to do back in the old days. I remember reporting an issue where the school district had their reporting tool just open to the internet.

I don't know how I didn't get in trouble for all the snooping around I did.



You could also open restricted system preference panes by searching for a relevant term in Spotlight and going to a User Guide article. Often they would have a link to open the preference pane which would bypass any restrictions.


How long ago was this?


Hmm, let's see. It would have been 2004-2008 IIRC. I think I did it at the tail end of that time period though. I want to say that it was on the gumdrop shaped macs but I know the school got some of the first iMacs around that time as well. The new iMacs were awesome to me because I could carry around an external hard drive and boot the newest macOS (Mac OS then) off it. It meant I had root and that coupled with a proxy gave me a fully unlocked computer.


> I want to say that it was on the gumdrop shaped macs but I know the school got some of the first iMacs around that time as well.

The "gumdrop shaped macs" were the first iMacs and were released in 1998 (I remember this well because that was around the time I worked for a publishing company so had to deal with MacOS 8 and 9 a lot as well as wiring a gigabit Apple Talk network (at the time that was very futuristic)).

I had similar tales of exploiting my school network. Though it was Windows 3 and I was playing Wolf3D loaded via a program called something like "Object Manager" that allowed you to embed data into winword (might have been related to OLE?). Those machines were null terminals so the game was installed into my user area. Unsurprisingly I got caught but thankfully deleted the executable just moments beforehand so I only had to make an excuse for the WAD files.

At college I upped my game and wrote a RAT which I installed on every PC on the network. I actually managed to get away with that one, albeit there were a couple of near misses. One time I got caught because some mates sat next to me were playing games. When questioned what I was doing I confessed to the lesser crime of also playing games because writing malware would surely have seen me suspended (or worse) rather than having my IT privileges revoked for 24 hours! That college did eventually find the RAT on the network but only after I left, but assumed it was someone else. It wasn't until my brother got a job at the college IT department ~5 years later when they realised it was me who installed the software.


> The "gumdrop shaped macs" were the first iMacs and were released in 1998

Ahh, my bad. This was early-days for my "paying attention to macs". I only used them at all because that was all the school had, I was a die-hard, PC-master-race, build-your-own-computer, windows user at this point. So yeah, we had the gumdrop shaped iMacs and then we upgraded to the chunky white-bodied-on-a-stand iMacs. We did have a few Mac Pros in the library (for video editing) and in the shop class (for 3D modeling), the cheesegrater style ones.


> gave me a fully unlocked computer

In a way, the ever-increasing restrictions during my final year at school pushed us into exploiting various flaws in their setup for a couple of reasons. Primarily, they were arduous - by the middle of the year, any window with a title containing certain strings, even ones as innocuous as "Firefox", would be closed automatically without warning. It got in the way of legitimate activities - a number of teachers also found ways to avoid them as sites they needed were often blocked. It was also interesting to keep having to find new ways to get around it ("CGI proxies"[1] found via Google -> self-hosted proxies -> wildcard domains to bypass filter lists -> access via IP and random port -> local admin exploit to disable protection/monitoring software).

In the process, we discovered that the security was rather inadequate. A VNC server was installed on all machines, including staff machines, with the very imaginative password of "vnc" (not hard to guess once you see a member of staff typing in a three character password), and we shoulder-surfed a domain admin password and it was just "school". This was later changed[2], but we bruteforced a cached hash[3] and found it was just the name of the school with a '0' in place of an 'o'. We had a 'shadow' domain admin account for _months_ before it was noticed, even after the staff were aware people were poking at holes in the system (someone else had sent a Windows messenger service message to the entire domain around the same time).

We never really used it for anything though - we created the domain admin account to see if we could, then it basically went unused after that. We only got caught after someone else used a script to change the local admin password on every computer (I'm still not entirely sure why). It did provide an interesting lesson in OPSEC though - it was only tied back to us as they were tracking USB device names, and someone called their USB drive "<surname> USB" and still had it connected when logging into the domain admin account.

The punishment was to spend a week working with the IT technicians (mostly doing busy work such as cable managing rooms and tracking down serial numbers/asset tags), which gave us plenty of time to fully explain the flaws we found. I think they took security more seriously after that.

[1] https://www.jmarshall.com/tools/cgiproxy/

[2] we had no malicious intent, so upon realising that gave you read/write access to everyone's files, we left an anonymous note containing the login details at the IT technicians' office hoping they would improve things. Some of the teaching staff were also aware, and their only advice was essentially "Don't get caught" (and one asked for a copy of the Ophcrack live CD).

[3] Booted from an Ophcrack live CD, something that was "fixed" by removing the CD drive from every machine in the school



