Hacker Read

michaelt | karma 31037 | avg karma 4.1 · 2019-03-04 05:07:34

https://xkcd.com/1200/ points out that if malicious code runs as a user they can read my e-mails, access all my files, and keylog my passwords. By escalating to root, they can... what? Install OS updates and drivers? Mount and unmount disks? Access the serial port? Persist their access in a slightly harder to detect manner?

Of course, it's a different matter for shared computers in school computer labs. Or if mac servers were a thing.

reply

saagarjha | karma 56017 | avg karma 2.29 · 2019-03-04 11:44:55+00:00

It would be difficult for an arbitrary process to do that on macOS. They can access your files, but your passwords are in the keychain and emails in a data vault, both of which require permission to access.

chapium | karma 1497 | avg karma 1.66 · 2019-03-04 08:09:59

Install ransomware that is annoying to remove.

darkpuma | karma 3018 | avg karma 1.66 · 2019-03-04 09:13:17

Does it really matter if the ransomware is easy to remove? If you remove the ransomware, your files will still be encrypted.

chapium | karma 1497 | avg karma 1.66 · 2019-03-05 01:09:07+00:00

Solid point.