November 8, 2005
Mac Security: Identifying Changes to the File System
Editor's note: Before you get knee-deep into this very interesting article that discusses, among other things, a hacker's toolbox know as rootkit, I want to point out two things. First, the way "hacker" is referred to in this article is in the nefarious sense, as in "black hat," not in the playful spirit of the phrase that we usually think of. Second, keep in mind this passage from the author: "There are few rootkits tailored for BSD (the codebase underlying OS X) and none specifically for the Macintosh. Talk of Macintosh rootkits is less credible than Elvis sightings, but as we are at heart running a Unix system, a generic Unix rootkit could be deployed on your Macintosh. Just remember that security is all about planning for the worst case; it pays to be paranoid. However, the sky is not falling; not today, at least." That being said, enjoy this piece. It's fascinating.