NSA Intern Mac OS

A former NSA staffer turned security researcher is warning that bypassing typical OS X security tools is trivial.

Patrick Wardle, a former NSA staffer and NASA intern who now heads up research at crowd-sourced security intelligence firm Synack, found that Apple's defensive Gatekeeper technology can be bypassed, allowing unsigned code to run. Apple's Gatekeeper utility is pre-installed on Mac OS X machines and used to verify code. The tool is designed so that by default it will only allow signed code to run or, depending on settings, only packages from the Mac App Store.

The Summer Internships are 12-week programs held at NSA headquarters in Fort Meade, MD from late May through mid-August. Students will receive annual, sick, and federal holiday leave and are paid a competitive salary based on education level.

Apple's built-in mechanisms - Gatekeeper, XProtect anti-malware, sandboxing and kernel code-signing requirements - are 'easy to get around' and 'trivially exploitable', according to Wardle.

Wardle said he worked closely with Apple's internal security teams, describing them as 'responsive' while noting the wider consumer electronics firm had yet to embrace a culture where 'comprehensive security is baked into their OS X systems' from the onset. By contrast to OS X, iOS has solid security baked in, according to Wardle.

A bug bounty from Apple - along the lines of schemes introduced by Google, Microsoft and many others - would be beneficial, according to Wardle, whose firm Synack would stand to benefit from such a scheme. 'Google products have themselves become more secure because of bug bounties,' Wardle said. 'Introducing them seems to be a no brainer.'

During the course of his research Wardle also found a way to circumvent Apple's recent fix for the 'rootpipe' privilege escalation vulnerability in OS X. Wardle also coded his own malware to see if a variety of third-party anti-malware utilities could detect it. They all failed.

El Reg caught up with Wardle after a well-received tour presenting his research that took him to Infiltrate in Miami and the RSA Conference in San Francisco last month. He explained that he hoped his Infiltrate talk, entitled Writing Bad@ss OS X Malware (pdf), would encourage Mac defenders to up their game.

'The state of OS X malware is amateur, even basic,' Wardle told El Reg. “It relies on trivially detectable persistence mechanisms and generally relies on infecting users via social engineering tricks such as offering ‘free [but infected] copies of PhotoShop’.”

Mac malware remains measurable in the hundreds or thousands. Mac desktop anti-virus developers can detect most of the nasties out there, even though they remain ill-prepared for the type of advanced malware nation states might be able to put together, according to Wardle.

'AV [anti-virus] developers seem to be resting on their laurels,' Wardle explained. 'For example, Windows anti-virus offers heuristics and runtime behavioral analysis, but Mac may not.'

Up until recently, all Mac security software packages were downloaded over unencrypted HTTP connections, relying on Gatekeeper for code verification. Because Wardle uncovered a way to bypass Gatekeeper, this opens the door to man-in-the-middle or other attacks.

'More advanced attackers, such as nation states, would be able to see a download in progress before injecting code into legitimate downloads,' Wardle explained.

Apple might like to lock down Macs and 'impose more control of third party code' but this is more difficult to impose on desktop systems than on smartphones and tablets running iOS, according to Wardle.

Asked whether he was concerned that his research might be giving bad guys ideas they hadn't thought of themselves, Wardle justified his work.

'Advanced adversaries are likely already doing these things,' he said, adding by way of example the Rootpipe zero-day privileged execution vulnerability (CVE-2015-1130) that - once publicly disclosed - was subsequently found in OS X malware that predated the vulnerability being reported to Apple.

Since Wardle first published his research some vendors have switched to downloads over secure (https) connections.

'I love Mac products. I have an iPhone and iPad and I want them to be secure,' he said, adding that he had released a set of free software tools to secure Macs, available at objective-see.com.

Another problem is that Apple's desktop OS allows locally unsigned apps to run. Once hackers have compromised a machine they can take a signed binary and add their own code before re-signing it.

'OS X won't detect that an app that used to be signed is no longer signed,' and still allows it to run, Wardle explained.
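Because the OS does not flag an app whose signature has been replaced or stripped, a defender can keep a baseline of each app's signer and compare it later. The sketch below is an added example, not code from Wardle or Apple: it assumes the text output of `codesign -dv --verbose=2` was saved at install time, the sample outputs are constructed, and the function names are hypothetical.

```python
# Constructed samples of `codesign -dv --verbose=2 <app>` output (not from a real host).
BASELINE = """\
Executable=/Applications/Example.app/Contents/MacOS/Example
Identifier=com.example.app
Authority=Developer ID Application: Example Corp (ABCDE12345)
Authority=Developer ID Certification Authority
Authority=Apple Root CA
TeamIdentifier=ABCDE12345
"""
RESIGNED = """\
Executable=/Applications/Example.app/Contents/MacOS/Example
Identifier=com.example.app
Signature=adhoc
TeamIdentifier=not set
"""
UNSIGNED = "/Applications/Example.app: code object is not signed at all\n"


def parse_codesign(output):
    """Reduce codesign display output to the fields that identify the signer."""
    if "code object is not signed at all" in output:
        return {"signed": False, "adhoc": False, "team": None, "authority": None}
    fields = {}
    for line in output.splitlines():
        key, sep, value = line.partition("=")
        if sep and key not in fields:  # keep the first Authority (the leaf certificate)
            fields[key] = value.strip()
    team = fields.get("TeamIdentifier")
    return {
        "signed": True,
        "adhoc": fields.get("Signature") == "adhoc",
        "team": None if team in (None, "not set") else team,
        "authority": fields.get("Authority"),
    }


def signer_drift(baseline, current):
    """Return findings when the signer recorded at install time no longer matches."""
    old, new = parse_codesign(baseline), parse_codesign(current)
    findings = []
    if old["signed"] and not new["signed"]:
        findings.append("signature removed")
    if new["adhoc"] and not old["adhoc"]:
        findings.append("re-signed ad hoc")
    if new["signed"] and old["team"] != new["team"]:
        findings.append(f"team changed: {old['team']} -> {new['team']}")
    return findings
```
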

OS X is also vulnerable to dynamic library hijack attacks, through abusing undocumented features of OS X’s dynamic loader. This new class of attacks - similar to far more established DLL hijacking attacks in Windows - gives hackers another means to attack Macs.

Wardle's research also covered the possible use of encrypted Mac malware binaries and rootkit-like stealth techniques, as explained in much greater depth in slides from his RSAC presentation here (pdf).

NSA Hires High School Students for Work Study, Internships and Scholarship

October 19, 2020

Even if you haven’t started college yet, it’s never too early to start thinking about the career you want – and getting paid experience in it.

The National Security Agency is seeking high school juniors who live within commuting distance of an NSA facility to join its High School Work Study Program. High school seniors are invited to apply for the Stokes Educational Scholarship Program or an internship in STEM or foreign language.

Alexis, who participated in the high school work study program from 2017-2018, says her experience was “mind blowing” and the best decision she ever made.

“It was an opportunity that truly changed my life and has me set up for an amazing future,” she says. “Now I am a 20-year-old college student getting everything paid for, while working full-time in a position I absolutely love in an agency that has benefits galore.”

High School Work Study

High School juniors must apply by Oct. 31, to be considered for this part-time paid work opportunity at one of these locations: NSA headquarters in Maryland, Alaska, Colorado, Georgia, Hawaii, Texas or Utah. You will work a minimum of 20 hours per week, during your senior year in one of these positions:

  • Business
  • Computers

At Fort Meade, students can also work in these fields:

  • Engineering
  • Manufacturing
  • Construction
  • Graphic Arts
  • Chinese Language or Russian Language

You must have a minimum of two courses in your desired field of study and a minimum GPA of 2.5 (unweighted). Students must be 16 years old by Dec. 31 of their high school junior year.

Stokes Educational Scholarship Program

The Stokes Educational Scholarship Program is open now through Oct. 31 to high-performing high school seniors, particularly minorities, who plan to pursue degrees in Computer Science or Computer/Electrical Engineering.

You’ll receive up to $30K in tuition assistance and education fees per academic year while attending school full-time. Plus, you’ll earn a year-round salary.

Even better, once you graduate college, you'll have a job waiting for you at NSA. You'll be required to work at the agency for at least 1.5 times your length of study upon graduation.

Due to the COVID-19 pandemic, program requirements have changed. In lieu of SAT/ACT test scores and AP/IB exam scores, high school transcripts must show a minimum of one physics or calculus course, and a combination of two courses (minimum) of computer science, computer programming or engineering.

Application requirements for the 2021 Stokes Educational Scholarship package are:

  • Resume
  • One-page essay: 'Why I Want a Career at the National Security Agency (NSA)'
  • GPA minimum of 3.0 out of 4.0 scale (unweighted)
  • Official transcripts from high school (and college for consideration)
  • Two letters of recommendation (both must be from teachers of technical courses)
  • Due to the COVID-19 pandemic, in lieu of SAT/ACT test scores and AP/IB exam scores:
    • High school/college transcripts must show a minimum of one physics or calculus course
    • A combination of two courses (minimum) of computer science, computer programming or engineering

Gifted and Talented (G&T) Internship Programs

G&T STEM is open to high school seniors with at least an AP/IB Physics and AP/IB Calculus course, and either a computer science, computer programming or an engineering course by senior year.

New this year, the G&T Language Program is open to high school seniors who are taking AP language courses and are proficient in Chinese, Russian, Korean, Farsi or Arabic.

In either program, you’ll work full-time for 10-12 weeks during the summer following high school graduation. Students must be 16 years of age to begin the program and have at least one Physics or Calculus course and a combination of two courses in either Computer Science, Computer Programming or Engineering. GPA of 3.5 (unweighted) or above is preferred. The deadline to apply for either of these internships is Oct. 31.

Besides gaining valuable paid work experience, participants in any of these programs can also take advantage of mentorship and training opportunities, and be considered to stay on at NSA once their assignment is over.

“It’s an amazing opportunity because after they’re done with the program, they’ll have a security clearance, and then they can convert to a full-time job or even a part-time job,” says Lora Hornage, Program Director at NSA.

Visit our Student Programs page for more information about NSA opportunities.
