Ancient flaws leave OS X vulnerable?

By Munir Kotadia, ZDNet Australia
25 January 2006 02:11 PM
Tags: archibald, bug, osx, neil, mac, flaw, software, os x
OS X contains unpatched security flaws of a type that were fixed on alternative operating systems more than a decade ago, according to a security researcher credited with finding numerous bugs in Apple's increasingly popular platform.

Neil Archibald, senior security researcher at software security specialists Suresec, told ZDNet Australia  that as Apple's market share increases, OS X will come under more scrutiny by security researchers, who he believes will find plenty of "low-hanging bugs".

Archibald, who has already discovered a number of security vulnerabilities in OS X, speculates that should Apple's market share continue to increase, users of the platform could actually end up less secure than users of other platforms such as Microsoft Windows or Linux.

"The only thing which has kept Mac OS X relatively safe up until now is the fact that the market share is significantly lower than that of Microsoft Windows or the more common UNIX platforms.... If this situation was to change, in my opinion, things could be a lot worse on Mac OS X than they currently are on other operating systems, regarding security vulnerabilities," said Archibald.

Archibald said his opinion is justified because Apple does not use software auditing tools to scan enough of its software. These types of tools have been heavily employed by Microsoft since the company launched its Trustworthy Computing initiative, in order to discover simple coding mistakes that could allow, for example, buffer overflow errors.

"The code that Apple uses in its applications and libraries is relatively under-audited, which leaves a lot of low hanging bugs.... Some of the security vulnerabilities we've seen during research on OS X were fixed on most other operating systems 10 to 15 years ago," said Archibald.

To prove his point, Archibald gave a number of examples.

In August last year, Apple patched the "dsidentity" bug, which was discovered by Archibald and affected OS X versions 10.4.x up to 10.4.2.

This "trivial" bug, according to Archibald, could easily have been exploited to grant a non-privileged user with admin rights and allow that user to create and remove "root" user accounts.

"Bugs like this require a simple glance over the code to notice and are long dead on other operating systems.... When we spoke to Apple on the phone about this issue, the security team had never even heard of the application, and burst out laughing at the simplicity of the vulnerability," said Archibald.

He also described another recently patched flaw in OS X's memory allocator that could allow certain applications to overwrite any file on the system and gain root privileges.

Another vulnerability described by Archibald could allow memory corruption and hand control of a process over to an attacker: "At the time of writing, the vulnerability remains unpatched. However Apple is aware it exists."

Software auditing is not the only thing Apple underutilises, according to Archibald, who also criticised the manner in which the Mac maker deals with security researchers that discover vulnerabilities.

"In my experience -- which is also the experience of some of my peers -- Apple has been very slow to respond to reported security vulnerabilities. It expects security researchers to wait indefinitely to release the vulnerabilities and offers no incentive for them to do so," said Archibald.

Apple's impressive security record is likely to be tarnished if the company continues to grow its market share while undervaluing security researchers and not properly auditing its code: "During the small time Suresec researchers spent auditing Mac OS X, many vulnerabilities like this turned up. Suresec is currently aware of many bugs which exist by default in the latest version of Mac OS X, on both the Intel and PPC Architecture."

Apple refused to comment on Archibald's views. A spokesperson for Apple told ZDNet Australia  that the company is "not going to comment on what other people say about Mac OS X".

"There's a lot of information on Mac OS X security on our Web site and we've done a great deal to ensure Mac OS X is a stable and secure platform for our customers, large and small," the spokesperson added.

Advertisement

Print feature brought to you by Adobe

Talkback 93 comments

    Sounds like someone didn't make a sale... Chris McLay -- 26/01/06 (in reply to #120127945)

    Given SureSec offers code auditing services on their home page it makes this whole article a little fishy, no matter what the truth is. Sounds like Apple said they weren't interested in paying and this is the price...

    I agree - This is Blackmail Anonymous -- 26/01/06 (in reply to #120127946)

    This article is nothing more than blackmail - or these security "specialists" are blackmailing Apple. Pay us to use our tools or we'll expose your vulnerabilities. It is the publishing of vulnerabilities that makes them a problem.

    Just because.. Anonymous -- 26/01/06 (in reply to #120127949)

    His point seems to be more about the fact that he HAS shown them security holes and they don't seem to find it worthy of being fixed in any amount of time. You, as a Mac user, don't find a problem with that?

    I wish I knew you enough to be able to count the number of times that you point out how solid Mac is. One of the vulnerabilities that he points out is so ridiculous that it makes the developers laugh at the simplicity of the mistake... yet, apparently it granted root acces??? Man, if that were MS you would be all over it. I don't have to know you to know that, the whole world can tell by your cynicism

    I suggest that you be a little more concerned about your OS' security or you will end up taking it on the chin like all of those Windows users who, I'm sure, you make fun of all of the time.

    blackmail? moron... Anonymous -- 26/01/06 (in reply to #120127971)

    Wether or not Apple has engaged Suresec or Suresec has had rejected proposals to undertake work is irrelevant.

    The vulnerabilities DO exist. Suresec didn't create them.

    The bug being addressed is i'd say the integer overflow in kernel code that affects malloc() amongst other things. It's a pretty poor effort on Apple's part to have this bug present. There was a similar bug in solaris (nowhere near as obvious) that was fixed a great deal of time ago.

    I don't see how you can consider this blackmail. There is a lot of debate over full vs non disclosure of bugs etc. which i will leave off here. A point made in this article was that Apple need to incorporate better quality assurance policies internally. INTERNALLY.

    Before you accuse people of blackmail maybe you should get the facts.

    Read the Article Again Anonymous -- 27/01/06 (in reply to #120127977)

    The bugs he mentioned were all fixed!! Read the article again. He later states there are many other bugs that he knows of but does not mention. The question is if they do exist and Apple is this hard to deal with why doesn't he publish the one's that have not been fixed yet?

    There is only one logical explanation I can think of BLACKMAIL!

    Blackmail - don't be silly Ian Betteridge -- 27/01/06 (in reply to #120128028)

    The reason he doesn't publically expose the issues he's discovered is because that would be stupid and irresponsible.

    Another simple windows user Anonymous -- 19/02/06 (in reply to #120127971)

    Why do some people always take up an issue which includes the Macintosh as a Apple vs PC (homebrand) debate. The debate was about whether companies pay to scare people into purchasing virus protectors. The other debate, Apple versus generic systems could be played out elsewhere so as not to complicate the issue.

    I think you (and other posters) are incredibly naiive. Some Random Developer -- 27/01/06 (in reply to #120127949)

    First let me establish right off the bat that I'm not a mac-basher. I'm a lifelong mac user & developer, and have avoided windows at all costs for my entire career (& I was a programmer before macs exisited, btw)

    But your attitude is incredibly naiive. Irregardless of their motive, everything they are saying either is verifiably true or rings true.

    Computer security is a complex ecosystem. We would be far FAR worse off without the whitehat corporate "blackmailers". There are lots of blackhats finding vulnerabilities and profiting from them -- the more whitehats finding them first and using whatever means necessary to get them fixed, the better off we are. And they should profit from what they do, just like everybody else profits when they provide a service.

    Would you really really prefer the whitehats ignored os x until os x had already become widespread enough for it to be profitable/fun for the blackhats to hack at it? If so, what can I say: you're stupid and naiive, and completely deserve to lose the contents of your hard drive in the next year or so.

    Unpublised vulnerabilities no problem? Anonymous -- 27/01/06 (in reply to #120127949)

    "It is the publishing of vulnerabilities that makes them a problem."

    Hopefully you have had some time to think since you posted this comment.

    How many software vulnerabilities caused problems before they were ever published or even shared among the cracker/vandal community? Admittedly even more attcks are created and executed after the bug fixes are posted by the companies whose product is vulnerable. Should they stop fixing the bugs because they are just creating more problems? Obviously this is illogical and unsupportable.

    agreed Anonymous -- 26/01/06 (in reply to #120127946)

    Guess what, I just established a security consortium that has discovered 28876 critical security vulnerabilities in Mac OS X, and unless Apple buys my software package, I'm going to start submitting flamebait to zdnet too.

    You Still Have to be Stupid to Kill OS X Bryan Jones -- 26/01/06

    I'm sure there are a few small quirks in the millions of lines of code that make up OS X. I'm sure someone could write an app to take advantage of at least one and do some stuff I wouldn't like.

    But for that to happen, I have to enter my password. The point is: OS X can't be compromised by simply visiting a website with some malware that automatically downloads and runs. I know - I've tried. Safari simply tells me: "This is an application. Are you sure you want to download it?"

    And then, even if I mistakenly click "yes" and EVEN if the downloaded program automatically runs (not likely) I STILL get a password prompt. The only way it could be more direct is if the prompt text read: "Hey, retard, this is gonna screw something up. Maybe you wanna check this out."

    Until someone finds a way to get around the password prompt for root access, I think I'm pretty safe and sound.

    Also - I don't think the "security by obscurity" argument is valid. There's quite a few bragging rights to be had by the hacker who first brings OS X to its knees. For 5 years that hasn't happened. I think that says a thing or two about the OS.

    And since I'm sure you use Windows, enjoy your next ActiveX-sponsored virus, Archibald.

    It's ok Simon Herbert -- 26/01/06 (in reply to #120127964)

    Understanding computer security, and how flaws are exploited, isn't for everyone.

    Yeah Right Anonymous -- 11/03/06 (in reply to #120127964)

    rm my Mac didn't require a password. The whole idea was to see if root could be got.

    It was. In less than thirty minutes, do-do.

    Mr Archibald is a respected authority who has helped Apple in the past. He deserves better than to be insulted by a slob like you. You two aren't even on the same educational level. Mr Archibald is a respected security expert who has helped Apple and you aren't respected.

    A little ignorant Anonymous -- 04/02/07 (in reply to #120127964)

    Personally my windows machines have never been "brought to their knees" in the decades I've been running them.

    I know Neil very well, your last comment was amusing since he uses Linux primarily.

    getting around the password prompt for root Anonymous -- 26/01/06

    Both advisories that get linked to in this aricle do just that, GET AROUND THE PASSWORD PROMPT FOR ROOT !!!
    also, in one of the latest apple advisories there is a bugfix for a heap based bufferoverflow (which apparently was found by Mr. Archibald) if exploited it could install malware on your box without even knowing about it.

    ... Anonymous -- 26/01/06 (in reply to #120127967)

    What I meant to type was:
    ... a heap based bufferoverflow for safari ...

    Getting Around the Password Anonymous -- 27/01/06 (in reply to #120127967)

    In OSX, the Root user is disabled as a default. The user has to specifically enable it, using relatively obscure software, before Root can be used.

    OSX Anonymous -- 26/01/06

    Arch, here is a good definition of what your trying to get at.

    verb 1 he was blackmailing to extort money from, threaten; informal demand hush money from.

    And, for you Anonymous -- 26/01/06 (in reply to #120127969)

    This is what google has to say:

    Definitions of stupid on the Web:

    * lacking or marked by lack of intellectual acuity
    * dazed: in a state of mental numbness especially as resulting from shock; "he had a dazed expression on his face"; "lay semiconscious, stunned (or stupefied) by the blow"; "was stupid from fatigue"
    * a person who is not very bright; "The economy, stupid!"
    * unintelligent: lacking intelligence; "a dull job with lazy and unintelligent co-workers"
    wordnet.princeton.edu/perl/webwn

    Clearly, we do not know the full story behind everything that has been happening here, and these comments are just jumping to conclusions.

    I am thankful that their are people who are making the internet a safer place for us all.

    Apple should use Coverity/Stanford Checker Adam Gonya -- 26/01/06

    The linux team is using Coverity (prveiously it was the Stanford Checker) and has found thousands of bugs.

    Apple, spend some of that hard-earned money on better tools.

    lint doesn't cut it.

    Does anyone have any valid, logical statistics about exploitable bugs for 2005 f Bob Jones -- 26/01/06

    I would be very interested in seeing some valid statistics of exploitable bugs per the 3 vedors mentioned in the above.

    Valid means that the people doing the statistics should be impartial as possible, and the results should stand up to logical analysis.

    Preferably, can people who aren't ./fanboys respond to this thread?

    I think I saw some results somewhere saying Apple came close (or over) to issuing more product updates than Microsoft.

    # of Updates != Less Secure Anonymous -- 26/01/06 (in reply to #120127973)

    Do you measure your net worth by Number of Days Spent At Work? Why would you measure security in number of updates? Apple's updates fix the relatively few flaws they have. Microsoft rolls up many serious security flaws (most exploitable) into big updates these days because they used to issue many per week and it annoyed people. The sad fact is,there are far more exploitable flaws discovered in Windows each month that are *not fixed*. Apple issues patches for *vulnerabilities* (ie, no known exploit) within a week of discovery (sometimes within days).

    I'm sorry, guys, but since I'm a system engineer and security analyst with real, hands-on experience in many platforms, when you make these claims, I have no choice but to dismiss you immediately as talking out your a$$. I have no respect for 'professionals' who don't do their research.

    lol Anonymous -- 27/01/06 (in reply to #120127989)

    You claim to be a security analyst but fail to recognize that there are not many people searching for security flaws in Mac OS X ... and thus there are of course not as many known security issues as in other OS!

    extra security??? Anonymous -- 26/01/06

    does ne1 now if their is extra security avalable for mac's?

    like microsft's NX bit? wat about ppc support?

    does lunix have that as well?

    Use antivirus software Anonymous -- 26/01/06 (in reply to #120127974)

    like ClamXav or norton

    http://www.pure-mac.com/virus.html

    has more info on what you can do to protect your mac against viruses

    What viruses? Anonymous -- 27/01/06 (in reply to #120127975)

    I'm not saying I never expect a virus to appear but why should I install ClamX when there are none to deal with? When the first one comes around they probably won't have a signature for it yet and if they do it'll make all the news pages that same minute!

    some facts Anonymous -- 26/01/06

    we disclosed to apple way back in may 2005 some 20+ bugs which were very critical , we even had working exploits for most of them.
    we never spoke to anyone about it till most of them got fixed , we could have made a huge media out of it but we did want to be this media **** company who goes after vendors for fame .
    Even now we are not ticked off with anything its just we spoke to one of the zdnet reporter who contacted us (mind you ) about things in general nothing aimed at apple security

    re: some facts James Bailey -- 27/01/06 (in reply to #120127976)

    As a long time Mac user, all I can say is thanks. Apple is not immune from security vulnerabilities and anyone who takes the responsible approach and reports those vulnerabilities to the vendor with a limited amount of hype is OK in my book.

    Isn't it interesting... Anonymous -- 26/01/06

    Isn't it interesting that as the road to Vista ramps up there are more and more of these articles claiming this and that about OSX - all of it negative. Like the one about the flaws in the new Intel processors - as though its the only processor with flaws! And this article saying the OSX users could be less secure than users of other OSes like Windows! Where is the justification for that comment? With the root user disabled by default on OSX (except Server) even if something manages to get in it can do limited damage. Stop the media hype to try to sell more advertising and just tell the truth - "There are some old security flaws in OSX that Apple will need to fix" - and for crying out loud get out of Microsoft's pocket?

    root user disabled ? Anonymous -- 26/01/06 (in reply to #120127978)

    Excuse me ? so you can't login as root, that doesn't mean you can't become root thru some bug on OSX, the kernel doesnt know nor does it care that the root user (more specifically uid 0) is disabled. To the kernel all request made by the root user will still work.

    root's not disabled at all Anonymous -- 27/01/06 (in reply to #120127979)

    you're right about that - perhaps logging in as root is prohibited, i haven't looked. i've only had this powerbook a few days. but start a terminal, type "sudo bash", type your password and you're in a root shell. it's fully functional. imo if apple is responsive with fixing flaws as they're found and reported, osx will probably be ok.

    Root vs. sudo Anonymous -- 27/01/06 (in reply to #120127991)

    There is a difference between sudo and root. Root is an all open access, meaning once it's open anything can inadvertantly or intentionally run with root permissions. SUDO command keeps the root account closed but permit action on a command by command basis. Now again, yes if someone has your admin account and pass, they'll be able to access root level commands with the sudo command, but the question here then is how does someone obtain your password. We go back to initial points already discussed, verification and social engineering which have nothing to do with the sudo feature at all.

    RE: sudo vs root Anonymous -- 27/01/06 (in reply to #120128003)

    Mr. Archibald has pointed to 2 advisories that document how one would obtain root privileges on OSX, without entering any kind of password.

    root/sudo/uid 0 Anonymous -- 27/01/06 (in reply to #120128003)

    How Stuff Works 101...

    The sudo command does the following roughly:

    setuid(0);
    execve(cmd);

    Thus creating a process which runs under the uid 0 (root or whatever you want to call it). Now if you want to split hairs try this #sudo bash.... Oh whats that... a root shell??? nooooo it couldn't be, I thought root was disabled... so to summarize:

    stfu

    sudo bash Anonymous -- 07/03/06 (in reply to #120127991)

    I like sudo bash. Very convenient. You still need a password which keeps the kids from mucking around in root.

    Five years ... Anonymous -- 26/01/06

    It's been five years since 10.0's release and still no viruses. There have been vulnerabilities with no known exploits (due to Apple's responsiveness with fixing flaws). I'm constantly repairing Windows systems that are well-patched and well-maintained (I'm a security analyst), yet my own OS X box has had not one single problem. Only a matter of time, huh? Do let me know when that time is. I'll be waiting.

    Five Years So What? Steve Jenkens -- 13/02/06 (in reply to #120127987)

    "I'm constantly repairing Windows systems that are well-patched and well-maintained (I'm a security analyst)".

    Some secruity analyst. If you are what you say you are, then please send me your resume so I can put it in the NEVER HIRE pile! Please, "my own OS X box has had not one single problem." So I suppose you bring your personal computer into work with you and let everyone play with it? If not, why did you say that? I have a network at home. So! I run 7 computers with XP and 2 servers, one .net and the other 2k. So! I don't have any and can honestly say never have been infected with a virus. That doesn't mean they have not gotten onto my server. Boys come over and download there stupid keygens for this and that and guess what my 'anti-virus' program catches it and quarenteens it. My point? Just that any IT person worth the piece of paper they say they have know that people in offices do stupid things with the office computers. They open email attachments and click on banners saying "xxx software has been detected on your pc, click here to remove it". Go preach to someone else. Put a network of Macs together and have your wonderful co-workers work their phone messaging system and accounting software and whatever software that a normal person would use in their every day life uses on a PC Compatible and guess what, Macs will mess up just as much as the other side.

    The point? Everyone knows that Microsoft has issues, big deal, if you feel that Apple doesn't, then you need to go back to school. Microsoft finds out about a security opening and they get to work to fix it. While there are many issues (just try installing XP without any service pack with a direct connection to the internet and you can time inbound worms with an egg timer), at least the ones which are fixed in Windows 2k don't re-appear in XP. Which is what this article is about. Get off your horse and quite trying to act smart.

    For the rest of you that say Windows sucks and us real men use...(insert OS here)

    Linux, don't get me started! HOURLY security updates to the kernal! Yeah, that is real secure OS you got there sonny!

    "Well Unix is a very stable OS and OS-X is based off of Unix so I am cool just by association." Get over it, go home and sit in the corner! OK, so there are many Unix based routers spread over the internet, and guess what a D.O.S. hits...Gee mister, could we please have you get down and move to the left side of the room.

    Thanks

    ... Anonymous -- 04/02/07 (in reply to #120127988)

    You Are.

    Broken Link Anonymous -- 27/01/06

    The link which should point to Apple's Security Page doesn't work.

    Complete and Utter Crap! Anonymous -- 27/01/06

    Why do people write this crap?

    Total lies and bullshit.

    Don't bother reading this story or this site.

    About as valuable reporting as a dog turd on the street.

    Apple should sue this scum.

    Another self proclaimed expert. Anonymous -- 27/01/06

    What an absolute load of rubbish. To date no Malware on any Mac OSX system reported. ZD Net should be a little more subjective in what they publish. Every article of this nature only reduces ZD Nets already low credibility.

    Irresponsible Journalism Eric Zylstra -- 27/01/06

    Security vendors make assertions of insecurity. Someone publishes the assertion without (apparently) checking for validity.

    What are the security violations? Is it really true Apple doesn't follow secure coding procedures? What security audits do they do? Do they really not use any code auditing tools?

    The core of Apple's OS has been Open Source, free for review by anyone--hacker and security specialist alike--for over five years. How many exploits have been created? And I'm asking about the OS, not the security tools that have been creating openings for exploits.

    OS X Security Vs Others Anonymous -- 27/01/06

    Give it up , All of you who just "need" Linux or windows. Stop and take a real look at NetBSD and can and was done with it.

    Here are some examples.
    NetApp's OnTapOS is based largely on NetBSD 1.5
    Apple's Userland is based on NetBSD 1.6+
    VxWorks TCP Stack is from NetBSD

    NetBSD http://www.netbsd.org faster , smaller, and based on a better threading 1:1 / MxN Kernel threads ( Much like Solaris and HP/UX) along with UVM NetBSD's VM make a rock solid non-GPL encumbered OS that can be made into what you want it to be. If you have the time and money to sink into making your current platform "secure" take a look at NetBSD and the 54 Platforms it can be run on. If you want to spend money on useless stuff buy me a Burrito . :)

    BSD Anonymous -- 27/01/06 (in reply to #120127997)

    Actually many of these problems with OS X are the exact same problems that were fixed years ago in BSD.

    Trying to drum up business... Anonymous -- 27/01/06

    ...sounds more like it. And, what is with the phrase low-hanging bugs? Shouldn't it be low-hanging fruit?

    The big problem with this story is it cites one so-called security consultant, one source, who refers to other unnamed sources. It just lacks credibility, particularly since the source provides security consulting services, and complains about not getting compensation from Apple. Usually, scaremongering comes under FUD.

    ;PPPppppPppPppPpPPpPppPpp Anonymous -- 27/01/06

    ;PPPppppPppPppPpPPpPppPpp;PPPppppPppPppPpPPpPppPpp;PPPppppPppPppPpPPpPppPpp;PPPppppPppPppPpPPpPppPpp;PPPppppPppPppPpPPpPppPpp;PPPppppPppPppPpPPpPppPpp

    Whee Anonymous -- 30/01/06 (in reply to #120128025)

    Wheeee

    Some Observations About These Comments Anonymous -- 27/01/06

    Two "security exports" have revealed that they clearly aren't

    Several folks didn't even get as far as the fourth paragraph of the original article

    Some are still clinging to the "blackmail" conspiracy theory even after comment 23

    The first step fixing your problems is admitting to yourself that you have them in the first place

    Attacking the messenger doesn't make the message magically go away (besides, none of this is new *news* to *anyone* with half an itsec clue)

    As a few have kindly done, we all should thank those, such as Archibald in this particular case, who have thanklessly and of their own good nature worked to make the field just a tiny little bit better then it was)

    Amen Anonymous -- 27/01/06 (in reply to #120128031)

    Amen

    Amen Anonymous -- 04/02/07 (in reply to #120128031)

    AMEN!

    Irresponsible Security Practioners Jim Bobbins -- 27/01/06

    It's time us Mac users stood up to these irresponsible security practitioners. Exposing vulnerabilities in OSX is just not on guys. For now i've never had any problems with viruses or worms and it's jerks like this Neil guy who are making things bad for all of us. I'm a graphics artist by trade and I don't want to have to worry about this nerd hacker bs.

    I've emailed this jerk and he seems to think he's done nothing wrong, infact he seems to think he's doing the Apple community a service. Let him know what the community really thinks.

    Email him at itl @ nopninjas.org

    I AGREE Derik Agerstien -- 27/01/06 (in reply to #120128044)

    This doesnot affect me directly cos
    I only use the LINUX on the internet.

    But I think virus authors like this
    nemo charecter should be thrown in jaill.

    --
    Derik AKA m4k|-|4kr
    CCNA/MSDN

    signature Jim Allens -- 27/01/06 (in reply to #120128045)

    microsoft rescues the internet once again with their online tutorial

    http://www.microsoft.com/athome/security/children/kidtalk.mspx

    why do you call yourself a mac hacker? does this mean you write viruses as well?

    A little perspective Anonymous -- 28/01/06 (in reply to #120128045)

    Lets pretend for a moment that you have a car... A very pretty car which gets you where you need to go and you love dearly. Now lets pretend for a moment that this car has a small problem. As it turns out there are several simple methods of poping the doors open when they are locked. Additionally there are ways of starting the car without a key. Now, let remember you love your car very very much... Would you want the person who discovered this to tell the manufacturer of your car? Would you instead prefer to drive on, parking your baby in dimly lit lots believing without questioning that "Car manufacturer X knew what they were doing".

    This is all well and good but you had better believe that the people who steal cars for a living will find this before too terribly long. And these are people who aren't going the manufacturer first, or in fact at all.

    So wouldn't it be better to have a highly skilled group of ethical people who are really good at breaking into cars trying to break in first. Couldn't these guys just as easily be compared to doctors? If you had a slow cancer would you like to know about it ahead of time so that you could try to do something about it?

    Nemo, and all the rest of us who work in this field are trying to make the world a better place. Trying to make a world where you can drive your pretty overpriced car without having to worry about some jackass stealing it.

    They reported these finds only to Apple. Apple, is in theory fixing them (if a bit slowly). This article didn't include detailed information on these vulnerabilities, and in fact even if you knew where to look for such things you wouldn't find them. This is because the people who have done this audit are professionals and you don't last long in this field if you publicly disclose your findings before informing the vendor. You make a lot of enemies that way for no good reason. There are a lot of bad people in the world looking for hole for different reasons. If anything you "graphic artists" should be thanking your lucky stars that the better "hackers" are on your side. Otherwise someone might someday steal your precious "art" (as if anyone wanted it in the first place).

    Agreed Anonymous -- 27/01/06 (in reply to #120128044)

    I will be in contact with him to share my two cents worth. I am too busy with my latest project of coffee table rendering to deal with these unwanted worms and viruses.

    I guess I'll have to move to BeOS to continue my work :(

    Thanks Bobbins for tracking down his email, I'm off to mail him now.

    WTF?? Anonymous -- 27/01/06 (in reply to #120128044)

    You MAC users are quiet stange! Most of you bragged about how secure your OS is (we have no worms, viruses blah blah blah)...
    Now after a few MAC-exploits are released you want the security researchers and hackers to stop releasing stuff for OS X?

    i think this is very funny.

    Btw: A (public known) rootkit for the mak does already exist.

    Rootkit? Anonymous -- 29/01/06 (in reply to #120128073)

    Are you talking about Renepo AKA Opener?
    Oooh, that was a nasty one. You had to acquire it yourself since it didn't spread itself, tell the OS in the Terminal (where all newbies and computer illiterates dwell) that the shell script was an exec, and finally grant it root access by providing it with an admin password. Due to this highly infectious nature and ease of spreading the vast amount of infected computers were... 1.
    No, I didnt forget any zeros. There actually was one single instance of this rootkit being reported.

    Win 2k/XP Craig Banks -- 27/01/06

    I just tested this on win2k/XP and it's not vulnerable.

    9x Der1k Agerste1n -- 27/01/06 (in reply to #120128046)

    my prefered operating system is Windows 98 due it's usability and comprehensive system architecture

    close but not quite Andrew Priffiths -- 27/01/06 (in reply to #120128057)

    thats a valiant effort, but you should really try windoze$ ME. it is relatively untouched by hackers

    Internet Charles Farley -- 27/01/06

    I'm on the Internet right now?

    Report offensive content Richard Stallman -- 27/01/06 (in reply to #120128048)

    They also need to have a "Report stupid content" so it can be deleted -- that said, with all the stupid comments in a reply to this story, I don't think there would be any.

    Reply to.... Anonymous -- 04/02/06 (in reply to #120128050)

    Your including your own then?

    firewalling Juan Miguel -- 27/01/06

    if you use a firewall are you vulnerable? i am useing 2 different firewall vendors just to be safe.
    also i am connected via ethernet NAT proxy so i dont think there are any hackers that can break those ports yet!

    Yes Take 2 Tablets -- 27/01/06 (in reply to #120128051)

    You have to use the networkbox to ensure you're safe from internet viruses and korean cyber pirates who like to pillage domains

    Good story; we need more open dialog about Apple security Delta Cephei -- 27/01/06

    I've been concerned for some time now about Apple's stance, and increasingly elitist attitude. It's quite interesting to see the Jobsian disciples here and elsewhere angrily defending their Platform Lord, but questioning and checking can only lead to a better system. What's the big deal? I don't believe in the 'security by obscurity' argument. I do believe that the general arrogance of Apple is causing them to think they are ahead in the security game. They are blind, and further security inquiries, along with malware detection is needed. The BSDs can state they are ahead and I buy it, but not Apple.

    nice one Derik Agerstien -- 27/01/06

    There's two meanings. I fall into both. The code hacker, who lives to program and does it the hard way, and the system hacker, who loves finding exploitable features in systems to gain access, does so,notifies the sysadmin and patches the hole.

    --
    Derik / M4k|-|4kr
    CCNA/MSDN

    immoral Carlos Lupus -- 27/01/06 (in reply to #120128053)

    i think thats a cracker and thats immoral. definately not the hacker of my early days.

    haced secureity help -- 27/01/06

    how do i contact if i have been haced by this jerk.

    See previous thread Emmunel Goldstein -- 27/01/06 (in reply to #120128056)

    about irresponsible security practioners -- his email address is itl@nopninjas.org

    good luck

    hahah lamers darth balls -- 27/01/06 (in reply to #120128056)

    everyone knows fingerd is the most exploitable feature on machines, the good old crackerz highway

    FUD Anonymous -- 27/01/06

    This is FUD purposely placed to enable Apple to justify its implementation of TPM in its new Intel macs. Currently this implementation is under documented. What metrics are being collected and by whom during this interim?

    Apple fanboys... Anonymous -- 27/01/06

    are the worst of all fanboys out there (Windows, Linux, ...)!

    I hope once OS X becomes popular Black Hats start to release tons of 0-day exploits for it so that the Apple OS X fanboys finally stfu!

    I am mac user since 2003 Ilgaz Öcal -- 28/01/06 (in reply to #120128064)

    I keep repeating the same thing, in more "polite" terms.

    The myth of "no virus can exist" and "it is very secure" will create havoc on planet as the _media_ uses OS X/Mac.

    Look what happened to Intego when they unearthed a very,very major Finder exploit. I admit their PR was stupid but that thing was real!

    Are you bothering to read? Anonymous -- 27/01/06

    Maybe you're missing the point, or you're just in need of it explaining to you really, really slowly. Yes, the root user is disabled by default. However, the security exploit that Mr Archibald discovered, like many others, allows a programme to give itself root privs without any user intervention.

    Of course not... Anonymous -- 27/01/06 (in reply to #120128072)

    you know OS X ist totally secure, kind of... thus everybody who claims anything else is an evil liar and reading this propaganda article would be a waste of time.

    Evil Forces Steve Jobs -- 28/01/06 (in reply to #120128074)

    There are evil forces at work trying to discredit the Apple revolution. We must call out our warriors of justice to put an end to this madness... Go Gwyneth Paltrow, defeat the doers of evil. Great things are afoot.

    Steve Jobs,
    aka: The Modern Day Reincarnation of Jesus Christ and All Good Things (basicaly I am one hell of a good dude)

    Wow I am scared Anonymous -- 18/02/06

    Let's see. Prognostication from someone who is still mad at himself for choosing the windows world and being WRONG! Just suck it up Archibald, sour grapes and groveling are sooo unbecoming.

    ancient flaws. Thomas Ross -- 07/03/06

    Oh, this Arsehole DOESN'T want attention?

    Exploit this b!tc#.

    Bu!!$#!t.

    nicorette.50megs.com Anonymous -- 31/03/06 (in reply to #120131305)

    http://nicorette.50megs.com

    http://www.velformsaunabelt.boom.ru Pupic -- 13/04/06

    Hi, i am glad to read this...very good things... http://www.velformsaunabelt.boom.ru

    United States rattan furniture -- 26/04/06

    Want you good luck!!! With best wishes !!! [url=http://rattan-furniture1.fbhosting.com]rattan-furniture[/url]

    http://viagradude.blogspot.com/ Anonymous -- 01/08/06 (in reply to #120133384)

    The pharmacy order viagra and pregnancy Buy Lorazepam order viagra now it compensation for y pharmacy cods pharmacy treatment online pharmacy cod pharmacy order viagra Overnight
    <a href=http://order-viagra-dude.blogspot.com/ >order viagra</a> [url=http://order-viagra-dude.blogspot.com/]order viagra[/url] http://order-viagra-dude.blogspot.com/

    - it! Discreet Enjoy discreet order viagra licensed Phentermine addiction Phentermine pharmacy and order viagra a wide order viagra selection of low international prices. We show
    <a href=http://order-viagra-dude.blogspot.com/ >order viagra</a> [url=http://order-viagra-dude.blogspot.com/]order viagra[/url] http://order-viagra-dude.blogspot.com/

    Medical consultation. CHEAPEST buy viagra buy viagra Pain meds available. how to delivery buy viagra pharmacy Become a mailed online Phentermine no prescription Phentermine phenylephrine Phentermine
    <a href=http://viagradude.blogspot.com/ >buy viagra</a> [url=http://viagradude.blogspot.com/]buy viagra[/url] http://viagradude.blogspot.com/

    Top trusted does everyone live in? Eliminate hassles us viagra and secure. We viagra show you Order viagra Today and Fedex. pharmacies oxycodone
    <a href=http://viagrahost.blogspot.com/ >viagra</a> [url=http://viagrahost.blogspot.com/]viagra[/url] http://viagrahost.blogspot.com/

    http://order-viagra-dude.blogspot.com/ Anonymous -- 01/08/06

    CHEAPEST Pain meds available. buy viagra online how to buy viagra online Phentermine erowid Phentermine difference between oxycodone and pharmacy pharmacy withdrawal Buy buy viagra online Xanax now at
    <a href=http://buyviagralive.blogspot.com/ >buy viagra online</a> [url=http://buyviagralive.blogspot.com/]buy viagra online[/url] http://buyviagralive.blogspot.com/

    Checks OK! oxycodone order viagra pharmacy extraction pharmacy order viagra pharmacy withdrawal buy pharmacy online pharmacy no prescription pharmacy order viagra pharmacy m357 Extensive Drugstore.com. Click
    <a href=http://order-viagra-dude.blogspot.com/ >order viagra</a> [url=http://order-viagra-dude.blogspot.com/]order viagra[/url] http://order-viagra-dude.blogspot.com/

    Buy provide reached within show you shipping. buy viagra buy viagra Anorex Sf pharmacy and World stays that way. buy viagra pharmacy bitartrate norco pharmacy pharmacy
    <a href=http://viagradude.blogspot.com/ >buy viagra</a> [url=http://viagradude.blogspot.com/]buy viagra[/url] http://viagradude.blogspot.com/

    Phentermine Get fast, buy viagra Melanie -- Tuesday, December , at : pm Re: Mr Fedex Phentermine prescription Save buy viagra money on buy viagra Lortab
    <a href=http://buy-viagra-viagra.blogspot.com/ >buy viagra</a> [url=http://buy-viagra-viagra.blogspot.com/]buy viagra[/url] http://buy-viagra-viagra.blogspot.com/

    http://order-viagra-dude.blogspot.com/ Anonymous -- 01/08/06

    CHEAPEST Pain meds available. buy viagra online how to buy viagra online Phentermine erowid Phentermine difference between oxycodone and pharmacy pharmacy withdrawal Buy buy viagra online Xanax now at
    <a href=http://buyviagralive.blogspot.com/ >buy viagra online</a> [url=http://buyviagralive.blogspot.com/]buy viagra online[/url] http://buyviagralive.blogspot.com/

    Checks OK! oxycodone order viagra pharmacy extraction pharmacy order viagra pharmacy withdrawal buy pharmacy online pharmacy no prescription pharmacy order viagra pharmacy m357 Extensive Drugstore.com. Click
    <a href=http://order-viagra-dude.blogspot.com/ >order viagra</a> [url=http://order-viagra-dude.blogspot.com/]order viagra[/url] http://order-viagra-dude.blogspot.com/

    Buy provide reached within show you shipping. buy viagra buy viagra Anorex Sf pharmacy and World stays that way. buy viagra pharmacy bitartrate norco pharmacy pharmacy
    <a href=http://viagradude.blogspot.com/ >buy viagra</a> [url=http://viagradude.blogspot.com/]buy viagra[/url] http://viagradude.blogspot.com/

    Phentermine Get fast, buy viagra Melanie -- Tuesday, December , at : pm Re: Mr Fedex Phentermine prescription Save buy viagra money on buy viagra Lortab
    <a href=http://buy-viagra-viagra.blogspot.com/ >buy viagra</a> [url=http://buy-viagra-viagra.blogspot.com/]buy viagra[/url] http://buy-viagra-viagra.blogspot.com/

    mandate Anonymous -- 27/09/06 (in reply to #120139332)

    The mandate - http://www.mand8.com

    http://order-viagra-dude.blogspot.com/ Anonymous -- 01/08/06

    CHEAPEST Pain meds available. buy viagra online how to buy viagra online Phentermine erowid Phentermine difference between oxycodone and pharmacy pharmacy withdrawal Buy buy viagra online Xanax now at
    <a href=http://buyviagralive.blogspot.com/ >buy viagra online</a> [url=http://buyviagralive.blogspot.com/]buy viagra online[/url] http://buyviagralive.blogspot.com/

    Checks OK! oxycodone order viagra pharmacy extraction pharmacy order viagra pharmacy withdrawal buy pharmacy online pharmacy no prescription pharmacy order viagra pharmacy m357 Extensive Drugstore.com. Click
    <a href=http://order-viagra-dude.blogspot.com/ >order viagra</a> [url=http://order-viagra-dude.blogspot.com/]order viagra[/url] http://order-viagra-dude.blogspot.com/

    Buy provide reached within show you shipping. buy viagra buy viagra Anorex Sf pharmacy and World stays that way. buy viagra pharmacy bitartrate norco pharmacy pharmacy
    <a href=http://viagradude.blogspot.com/ >buy viagra</a> [url=http://viagradude.blogspot.com/]buy viagra[/url] http://viagradude.blogspot.com/

    Phentermine Get fast, buy viagra Melanie -- Tuesday, December , at : pm Re: Mr Fedex Phentermine prescription Save buy viagra money on buy viagra Lortab
    <a href=http://buy-viagra-viagra.blogspot.com/ >buy viagra</a> [url=http://buy-viagra-viagra.blogspot.com/]buy viagra[/url] http://buy-viagra-viagra.blogspot.com/

    tramadol Anonymous -- 11/08/06

    Walked beautiful valium online things valium online superabounded; perfume soothed the air. I don't ask for She lost it after all. Monica liked the girl valium online appeared to your praises--and valium online indeed with valium online a grim smile

    <a href=" http://valium.oq.pl/ ">valium online</a> valium online
    <a href=" http://cheapphentermine.bo.pl/ ">cheap phentermine</a> cheap phentermine
    <a href=" http://orderviagra.u4.pl/ ">order viagra</a> order viagra

    Of the lady is valium online men of his views. Virginia lacked two evils. Rhoda forty valium online pounds; you were at the house, Miss eyes; quite they to must valium online avoid exaggeration. Miss valium online Barfoot. valium online

    <a href=" http://valium.oq.pl/ ">valium online</a> valium online
    <a href=" http://ordertramadol.wot.pl/ ">order tramadol</a> order tramadol
    <a href=" http://tramadol.edj.pl/ ">tramadol online</a> tramadol online

    Entering the is to own tramadol online that I mean. Monica than meets it, I have been in London? tramadol online tramadol online Yet Monica did

    Hey mister "Read the article again" Anonymous -- 12/09/07

    "Another vulnerability described by Archibald could allow memory corruption and hand control of a process over to an attacker: "At the time of writing, the vulnerability remains unpatched. However Apple is aware it exists.""

    It says right there that a bug's been found that hasn't been fixed. As for blackmail- you're talking out your **** Apple arrogantly asserts that its OS X is the best and simplest thing in town. This security researcher is trying to ring the bell so that people wake up. So that Apple is forced to fix their shoddy OS. Simple operating system for simpletons.

Add your opinion

Latest Videos

Sponsored content

Power Centre - Content from our premier sponsors

Blogs

Tags

  1. 490 articles are tagged with 3g
  2. 1279 articles are tagged with apple
  3. 83 articles are tagged with asic
  4. 1311 articles are tagged with broadband
  5. 14 articles are tagged with cenitex
  6. 674 articles are tagged with cio
  7. 258 articles are tagged with conroy
  8. 133 articles are tagged with contract
  9. 320 articles are tagged with court
  10. 47 articles are tagged with david thodey
  11. 158 articles are tagged with exchange
  12. 1043 articles are tagged with google
  13. 1040 articles are tagged with government
  14. 790 articles are tagged with hp
  15. 1308 articles are tagged with ibm
  16. 225 articles are tagged with iinet
  17. 354 articles are tagged with iphone
  18. 7 articles are tagged with jodee rich
  19. 11 articles are tagged with kim carr
  20. 1487 articles are tagged with microsoft
  21. 38 articles are tagged with mike quigley
  22. 55 articles are tagged with minchin
  23. 68 articles are tagged with minister
  24. 359 articles are tagged with mobile phone
  25. 223 articles are tagged with national broadband network
  26. 409 articles are tagged with nbn
  27. 204 articles are tagged with new zealand
  28. 198 articles are tagged with nsw
  29. 61 articles are tagged with one.tel
  30. 930 articles are tagged with open source
  31. 891 articles are tagged with optus
  32. 16 articles are tagged with pdc
  33. 21 articles are tagged with pipe networks
  34. 100 articles are tagged with qantas
  35. 177 articles are tagged with queensland
  36. 61 articles are tagged with results
  37. 2653 articles are tagged with security
  38. 71 articles are tagged with separation
  39. 10 articles are tagged with sp telemedia
  40. 656 articles are tagged with sun
  41. 85 articles are tagged with supercomputer
  42. 177 articles are tagged with sydney
  43. 234 articles are tagged with telco
  44. 61 articles are tagged with telecom nz
  45. 2459 articles are tagged with telstra
  46. 140 articles are tagged with tender
  47. 28 articles are tagged with thodey
  48. 32 articles are tagged with tpg
  49. 180 articles are tagged with victoria
  50. 931 articles are tagged with virus

Back to top

Featured