Mac OS X hacked under 30 minutes

Update: Gaining root access to a Mac is "easy pickings," according to an individual who won an OS X hacking challenge last month by gaining root control of a machine using an unpublished security vulnerability.

On February 22, a Sweden-based Mac enthusiast set up his Mac Mini as a server and invited hackers to break through the computer's security and gain root control, which would allow the attacker to take charge of the computer and delete files and folders or install applications.

Participants were given local client access to the target computer and invited to try their luck.

Within hours of going live, the "rm-my-mac" competition was over. The challenger posted this message on his Web site: "This sucks. Six hours later this poor little Mac was owned and this page got defaced".

The hacker who won the challenge, who asked ZDNet Australia to identify him only as "gwerdna", said he gained root control of the Mac in less than 30 minutes.

"It probably took about 20 or 30 minutes to get root on the box. Initially I tried looking around the box for certain misconfigurations and other obvious things but then I decided to use some unpublished exploits -- of which there are a lot for Mac OS X," gwerdna told ZDNet Australia.

According to gwerdna, the hacked Mac could have been better protected, but it would not have stopped him because he exploited a vulnerability that has not yet been made public or patched by Apple.

"The rm-my-mac challenge was set up similar to how you would have a Mac acting as a server -- with various remote services running and local access to users… There are various Mac OS X hardening guides out there that could have been used to harden the machine, however, it wouldn't have stopped the vulnerability I used to gain access.

"There are only limited things you can do with unknown and unpublished vulnerabilities. One is to use additional hardening patches -- good examples for Linux are the PaX patch and the grsecurity patches. They provide numerous hardening options on the system, and implement non-executable memory, which prevent memory based corruption exploits," said gwerdna.

Gwerdna concluded that OS X contains "easy pickings" when it comes to vulnerabilities that could allow hackers to break into Apple's operating system.

"Mac OS X is easy pickings for bug finders. That said, it doesn't have the market share to really interest most serious bug finders," added gwerdna.

Apple's OS X has come under fire in recent weeks with the appearance of two viruses and a number of serious security flaws, which have since been patched by the Mac maker.

In January, security researcher Neil Archibald, who has already been credited with finding numerous vulnerabilities in OS X, told ZDNet Australia that he knows of numerous security vulnerabilities in Apple's operating system that could be exploited by attackers.

"The only thing which has kept Mac OS X relatively safe up until now is the fact that the market share is significantly lower than that of Microsoft Windows or the more common UNIX platforms.… If this situation was to change, in my opinion, things could be a lot worse on Mac OS X than they currently are on other operating systems," said Archibald at the time.

An Apple Australia spokeswoman said today it was unable to comment at this stage.

Talkback 192 comments

  1. Microsoft Setup !! Raymond Cubicle -- 06/03/06

    I have heard from a reliable source that Microsoft set up this competition using a crippled version of MacOSX by installing Windows backdoors at certain memory locations. This allowed the hacker to gain access in more than 29 MINUTES. If it was any other operating system the IP address would have been hacked in under 30 SECONDS. I think this is proof enough that MacOSX is secure.

    1. Ya have a problem Anonymous -- 06/03/06

      First off, why compare apples with pears, hmm? This had nothing to do with the MS operating system, but the Mac OS itself. If that is ya argument for a belief in an OS, then with all due respect, ya avoiding the main issue, and living on another planet.

      P.S. Take a holiday, will ya!

    2. Is it April Fool's day already down under? Anonymous -- 07/03/06

      Get real you pathetic losers. There are more credible ways of generating traffic to your crappy site.

    3. Microsoft Setup !! Anonymous -- 07/03/06

      You need to get out of your cubicle more often. That being said, I do run OS X and I seriously doubt the guy could hack my system without spending a lot more time than he would be willing to. But then I am not a typical Mac user in denial about security. I have taken other measures to ensure system security.

    4. So relieved! Jan Klaassen -- 07/03/06

      I'm so relieved that this story title was just a hoax :).

      For a minute there I thought the card house collapsed, but now I read that this silly guy opened up SSH to his attackers :). No wonder..

      I figure it must be hard to find any real news on OS X security..

      Interesting journalism ;)

    5. Not just SSH... David Etter -- 10/03/06

      Not only did the guy open up SSH, but he gave a local account for them to gain access through. Everyone knows that just gaining access is the hardest part. I'm surprised it took 30 minutes...if the hacker is as good as he claims, with the "unpublished vulnerabilities". Good grief... Going back to my safe, secure, unhacked OSX system, thank you.

    6. "backdoors at certain memory locations"? programming since before you were born -- 07/03/06

      LOL. Let us know when you find out what backdoors and memory locations ARE, so you don't make such ludicrous statements.

  2. OSX Insecure? Codswallops I say. Melony Steggles -- 06/03/06

    Interesting accusation indeed. However one requires experience when dealing with the delicate spices of OSX security configurations.

    The attacker was able to have his way with this system because the end user logged the attacker in as god.

    It's all about education and luckily most Mac end users are quite computer savvy. We still have a long way to go as a community, education should be a key focus. A good place to start is a Mac Users Society.

    Remember MAC = beautiful AND awesome AND fast.

    Thanks,
    Melony

    1. lol Anonymous -- 07/03/06

      Yet again another MAC owner makes a laughable comment and OSX.

      MACs account for 2-3% of the PC market; they simply don't get attacked because it's not worth it. Spam and virus writers are looking for a maximum return on their endeavours. Firefox didn't get hit until it got to 10% market share and now it's being hit regularly.

      You MAC owners are going to have a very rude awakening should you ever hit the giddy heights of 10%. Then again thinking about it lol you're right you're quite safe :)

    2. Hack the system in the link then Steve Palmhair -- 07/03/06

      Prove you know what you are talking about. Otherwise just shut up.

    3. Why? Anonymous -- 07/03/06

      Why do you people say Mac as MAC. Each letter doesn't stand for something nor is Mac so great that it has to be put in caps. Stop it you fools.

    4. it is an acronym Anonymous -- 29/12/07

      Most
      Applications
      Crash
      If
      Not
      The
      Operating
      System
      Hangs

    5. really? Anonymous -- 26/05/08

      After building high end Windows machines specifically for audio, owning over 20 PC's, and being a tech for a computer company, I'd never go back to Windows.

      I never have an issue with ANY of my Macs. Not to say that problems don't come up... the biggest issue I've dealt with is hard disk failures (a mechanical device that Apple does NOT manufacture themselves) and with software issues I can count on one hand every year... yeah, I'd say it's a better OS.

      Though I must say Microsoft is definitely on the right track with their "copy Apple" strategy! It's the best looking Windows yet, though, the worst running as well... And why are so many people "downgrading" to an older, flawed version of Windows?

      You keep your PC, I'll keep my Mac... just enjoy your viruses or your system being taken over by an anti-virus program if you prefer. Keep in mind there still has yet to be one CONFIRMED virus on Mac OS X since its release.

      Don't you think that some hacker out there would just love to be the FIRST with a confirmed virus for the Mac? I mean realistically, wouldn't you love to shut up all of us smug Mac users? I do believe that there is a reason it has not been done, and market share has nothing to do with it.

      I have heard of attempts. I have heard of confirmations too, but those always resulted in the programmer saying that it would not be able to be spread due to the fact it could not be run on any other machine except for the one it was engineered for.

      I'll deal with a very rare application hang for the knowledge that my system is very well protected... from the factory without additional software. (FYI, I've always had more issues with "blue screens of death" and crashing applications on a single Windows machine than I ever had on all of my Macs combined.)

    6. Why? Anonymous -- 07/03/06

      Why do you people say Mac as MAC. Each letter doesn't stand for something nor is Mac so great that it has to be put in caps. Stop it you fools.

    7. re: Why? Rob Marquardt -- 09/03/06

      "Why do you people say Mac as MAC. Each letter doesn't stand for something nor is Mac so great that it has to be put in caps. Stop it you fools."

      Usually it's PC users (like the person you replied to) that think, because "PC" is in caps, all computers ("MAC", "LINUX") are too.

      You're spot-on with the "stop it you fools" line of thinking, though. Just for the wrong reasons.

    8. lit 101 Anonymous -- 16/05/06

      When you write an abbreviation, you write it in capital letters.
      Just like PC as personal computer and MAC as Macintosh.

    9. Mac 101 Anonymous -- 31/05/06

      Mac is NOT an abbreviation. It is a registered trademark all on its own.

    10. even if... Anonymous -- 05/02/07

      Even if Mac is considered an abbreviation the "abbreviations are capitalized" argument is faulty. Such abbreviations as km, pg., no., abbr., etc. aren't capitalized. And Thurs., Mar., Capt., Dr. (etc.) have only one capital letter.

    11. Why? Anonymous -- 07/03/06

      Why do you people say Mac as MAC. Each letter doesn't stand for something nor is Mac so great that it has to be put in caps. Stop it you fools.

    12. Probably... Anonymous -- 08/03/06

      Probably the same reason you posted your comments three times. Your comments weren't that great either; stop it you fool.

    13. Couldn't have said it better Anonymous -- 30/04/06

      Glad I'm not the only one

    14. Mac market share = less viruses Anonymous -- 08/03/06

      Which is why there are WAY more critical exploits for Apache than IIS web services right?

    15. no Anonymous -- 02/04/06

      Unlike OSX, Apache has faced the terrors of the internet since day one, and every day it grew the project gained experience and security while hackers were trying to compromise that. It's called a hardening process and Windows is undergoing that now too. And it's obviously time for OSX to learn from its faults too.

    16. Interesting Comment Indeed John Bowers -- 22/04/06

      First a bit of background: I am a Mac User who is a Security junkie. I don't claim to know a ton about security, but I really like it. I also really like my Mac, have general dislike for windows, and have had a long stint as a linux user. Currently my house has all of the following OSes installed and in use: Win2000, WinXP, Redhat 7, Fedora Core 3 (I know, update), and Mac OS X. The Mac is my main computer though.

      Now to comment on your comment:
      "logged the attacker in as god"
      It seems from the material that he was logged in as a normal user, not a super user or "god".

      "It's all about education and luckily most Mac end users are quite computer savvy."
      As to the savvy, maybe, maybe not. But this flaw has nothing to do with education. If the attacker is using unpublished and unpatched flaws as he claims to be, then no amount of your education short of actually looking for these unpublished exploits yourself (and successfully finding them) is going to save you.

      "Remember MAC = beautiful AND awesome AND fast."
      true.

      This brings up an increasingly good point: Every flaw that gets patched in a system is one less flaw that system has. We Mac users have not been tested by fire very often (and as the comments on this page suggest, really don't like it when we are). Windows is constantly having exploits discovered and patched. Now, I'm not going to say that Windows at the beginning and OS X at the beginning had the same amount of security flaws. But you can bet OS X HAS security flaws (as has seemingly been proven by this article). Claiming that YOU personally know how to make sure there aren't any is a kind of hubris only those called FANBOYS will attain. A bad couple of months will come sometime in the future where Mac is finally tested by fire, and I have confidence that Apple, as they have always done, will quickly fix and patch the holes. I look forward to it even, because afterwards the FANBOYS claim that the Mac is insanely secure might become true.

      Now for the other side of the coin:
      If this dude has found some unpublished bugs, why doesn't he publish them? Let's get them patched.

  3. GET REAL Anonymous -- 06/03/06

    Oh Man! Is this guy a total n3wb or what! Everyone knows this issue was patched last year at Bl4ckHat 2004. It was just a simple offset calculation fix in the virtual table kernel pool. Not even critical.

    Looks to me like the OSX haters are at it again. Please give up, I'm starting to feel sorry for you.

    PEACE OUT OSX4LIFE

  4. Thanks for posting that story Anonymous -- 06/03/06

    Just a quick note to say that I appreciate this story.

    Also, the idiots page on that site is hilarious, I hope to see some new comments up there once this story is more read!

  5. Of course there are going to be vulnerabilities.. Jeremy Cade -- 06/03/06

    Last time I checked operating systems, like every other piece of software, are written by humans? That in itself guarantees security vulnerabilities. To suggest Mac OSX is secure or more secure than any other mainstream end user OS is just fanboyism at its best.

    ALL MAINSTREAM END USER OS's have security vulnerabilities.. regardless of who makes them.

    WAKE UP!

    1. agreed Anonymous -- 06/03/06

      I believe people take too much for granted these days, like the virus issue.. to assume a mac is virus proof makes you an idiot. Why would anyone make a virus to attack 5% of the community, M$ has a larger userbase, so it's more likely to have viruses and "hackers" exploit the weaknesses of the majority used brand than the 2nd rate brands.

      I myself use Windows XP, and I find OS X primitive personally, and this is coming from a professional software engineer. Apple has its ups and downs just like Windows and *nix. It's not a fact of which is better but a fact of personal prefs, all operating systems have a weakness so please get off your anti-microsoft bandwagon and accept the facts!

    2. You have to be kidding ! Bill -- 06/03/06

      ~ When did Apple say Macs are virus proof ?!?
      ~ Why make a virus in the first place ? - To be a little arse, like most Windows users are....(Well you anyways) !
      ~ "2nd rate brand" - Just because M$ has more users doesn't mean it's a better 'brand' ! More like it's cheaper !
      ~ So simplicity is "primitive" - I would hate to have your life !
      ~ The fact that Apple fixes its "security flaws" within a matter of weeks, is what counts !
      ~ "professional software engineer" - You like to talk yourself up don't you... loser !

    3. It's all in what you want to do with your system Anonymous -- 08/03/06

      I am not a MAC fan as I don't really have any practical use for them. By this I mean I like to play high-end games and I develop .NET applications for fun and for a living.

      All OS's have flaws and hopefully the makers fix them in a reasonable time.

      Calling MAC OSX 2nd rate is not fair but it is fair to say that their small user base makes them a less appealing target to write hack at.

      There is a new OSX hacker challenge being put up here http://test.doit.wisc.edu/

  6. is this journalism? Anonymous -- 06/03/06

    so ... an anonymous hacker, by unannounced means, has hacked os x by way of an unpublished and unidentified security hole.

    did he also see elvis?

    1. A shrink might help you Anonymous -- 06/03/06

      With comments like that, one has to think ya not very computer savvy, just maybe a newbie, but don't worry. There's a shrink in ya local area, look them up.

    2. agreed Anonymous -- 07/03/06

      that's what I thought :)

    3. Couldn't have said it better myself Anonymous -- 07/03/06

      ROTFLMAO!!

    4. Indeed a load of bullpoo Leon Buijs -- 07/03/06

      Anybody can claim something so vague.

  7. ZD Net is a paid Microsoft site john doe3 -- 06/03/06

    Both CNET and ZDNet are paid by Microsoft (e.g. for advertising, etc...) Every article they post about Apple is so biased. Check their past articles and decide for yourself.

  8. gwerdna = Andrew G? Anonymous -- 06/03/06

    Andrew G backwards --> gwerdna. Not very clever, if you ask me.

    1. who is andrewg Anonymous -- 07/03/06

      I heard he had a beard and likes to wear lycra

    2. Who is andrewg Anonymous -- 08/03/06

      I hear he world best hacer. I hear he able code virus real time.

      He host TV show - very popular. You go see him blog: http://andrewg.tv/blog/

      Hace the planet!

    3. Thanks for wasting a post... Anonymous -- 08/03/06

      Moron!

    4. look who's talking Anonymous -- 06/02/07

      trollaxor

  9. some clarifications: Anonymous -- 06/03/06

    from the website:
    "That's why I set up an LDAP server and linked it to the Macs naming and authentication services, to let people add their own account to this machine."

    and furthermore:
    "This is the place you add yourself an account on my Mac.

    To log in, simply SSH to rm-my-Mac.WideOpenBSD.ORG using the name and password you've chosen. It might take a while to log in as SSH is started from inetd and needs to generate keys upon startup.
    Username:
    Password: (pick a secure one)"

    Let me get this right, he actually enables everybody to add his own home account? And gives them SSH access to his machine? And then he wonders that it is insecure?

    I don't know what to say...

    other than any normal Mac user doesn't have to worry because that's such a stupid, non-standard configuration that it will never happen on their machine.
    ++ chris

  10. What a fake.. Anonymous -- 06/03/06

    "hacked mac os x".. wake up people, what version was it? 10.0? the beta? or was it 10.4.3? who is outdated anyway..

    You guys have to bring in a bit more proof to say OS X is hacked.. sry lol.

  11. No operating system can be secure Hans-Christian -- 06/03/06

    No operating system can be secure unless you seriously cripple its functionality and API's.

    That being said, while there is no doubt OSX is very secure as opposed to, for example, Windows, the problem with OSX is that Apple is secretive about security issues; so it does not benefit from the openness of open source operating systems, like Linux (and this is regardless of OSX being based on BSD), nor does it have the punishing experience that Microsoft had to endure to get their act together and focus on its security issues (and, over time, be a bit more "forthcoming" about their efforts).

    So the question regarding the security of OSX is a matter of trust: Do you trust Apple or do you not? Security by obscurity only masks the underlying problem and, while in the short term, it may show to be somewhat effective, in the long run that effectiveness is almost negligible. And, ultimately, by keeping security matters quiet, Apple will be at their own discretion to put their efforts into what they deem is of most benefit to themselves, which does not necessarily mean to the benefit to the Apple community.

    And, finally, to point out to some of the more assertive comments on this board of virulent nature, bear in mind that the security issue with OSX is irrespective of whether OSX is a good operating system or the quality of Apple hardware. It should be in _your_ interest to be actively participating in these matters, rather than taking on a defensive and dismissive attitude (ie. "OSX rules, it is the most secure, you are just making this stuff up, stop saying bad things about Apple, nothing to see move along. w00t").

    1. osx IS secure Gerald Rumplestein -- 06/03/06

      It's common knowledge that macos is the most secure operating system currently found on public networks. (Probably also the most secure operating system in classified environments - I think the NSA and CIA run macosx).

      To suggest that the Apple API requires crippling is fanciful at best. Among expert programmers the Apple API is regarded as rock solid and 94.86% total secure. Its closest competitor is OpenBSD which is around 89.52% internet secure according to popular calculations. The main reason the Apple API is so secure is due to the fact that the administrator must login using a secure password before any sensitive (red-zone) memory can be accessed by the API. It's simple but beautiful at the same time.

      I think everyone can agree that OSX is much more secure than Windows. Just look at its track record - no serious viruses at all. All we have seen so far are experimental prototypes developed by the world's best virus crackers (Like KF). These viruses do not work at all in a real world environment. I think this is mostly due to the superior design choices the Apple Operating System decided to implement that just don't feature in other Operating Systems. Think non-infectable executable file format, PROTECTED MEMORY, secure file permissions (you can turn off the execute bit on all viruses), and much more. What really impresses me is how Apple managed to create such a rock solid and secure operating system but have time to make it so pretty as well! Amazing!

      I completely trust Apple %100. What reason would I have not to? They have always kept their consumers' best interests as the number one priority. The thing is Apple have designed macosx to be secure from the get go, they have nothing to hide. And besides they have released the complete source code for their operating system. This alone should prove that Apple have nothing to hide - no other company is confident enough to do this. I think this really makes MS jealous hence the zdnet articles.

      Mac users speak up about the operating system, because as mac users, we know we have the most god damn secure operating system on the planet, from first hand experience. Apple already thought about our interests when it designed the operating system as far as security concerns go.

      BTW there is nothing wrong with expressing pride in your chosen operating system providing it's the winning side (macos). Nobody is being defensive or dismissive, we just like to point out the facts as many Microsoft users are not familiar with reality.

      God Bless America

    2. re: Hans-Christian -- 07/03/06

      Thank you. Your response is exactly what I hear all the time and would be exactly what I would say if I were to argue with someone why Apple OSX (Linux, Free/Open/NetBSD) is far more fundamentally secure than Microsoft Windows. However, your response betrays that either you didn't understand my point or I didn't explain well enough. Probably mostly the latter.

      1. User space is good, but does not prevent that user from losing data. It is good in a system where you don't want to compromise the fundamental system, but this is really not a concern for the typical user and his photography or music collection or documents

      2. Many applications/API's do not run in user space. If there is a vulnerability in Apache or hardware drivers, then there is a vulnerability in my system. For example, I would not be surprised if SpotLight had kernel mode integration and, if that were the case, then SpotLight might have some vulnerabilities as well. Has anyone looked into this?

      Please note: OSX is not a microkernel.

      Please note: Anything that runs in the kernel and extends its functionality through an API, for example, to user space and is found to have vulnerabilities has little or no protection for your system.

      http://developer.apple.com/documentation/Darwin/Conceptual/KEXTConcept/KEXTConceptAbout/about_kexts.html#//apple_ref/doc/uid/20002364-73828

      3. OSX is a direct derivative of NeXtStep, so a lot of that code is inherited to fit the Apple user experience and design. So, to understand OSX, you need to learn something about NeXtStep and its UNIX/BSD roots. OSX was not built from the ground up since 2000/01.

      4. You hinted towards that I had a particular bias towards another operating system (did you think it was Microsoft? heck no), but I never alluded to my preference, but if you are wondering, it is Debian Linux (server) and OpenSUSE (laptop).

      4. A virus is a piece of code designed to exploit the mechanisms of inherent trust of the operating system, application and the user. This is the holy trinity. To make your OS as secure as possible, you have to make two of those three as secure/well designed/smart as possible. So, now we are in a battle of definitions, because a virus is not the only thing that is dangerous and what is defined by varying degrees of exploitation that can occur. Part of Microsoft's problem is that they implemented too much code to integrate too much functionality and ease-of-use, without thinking of the unintended consequences. For example, Outlook being able to execute code from emails automatically. Well, Microsoft probably had an idea going there which was well-intentioned, but such a trusting nature can also be manipulated. Would this matter in a UNIX-type environment? Not really. An intentionally basic thought experiment: Let's say that OSX Mail was able to execute code automatically and you are in user space, then someone could send a piece of code which acts like a keystroke logger and the code would wait until the occasion that you type in your supervisor password and it would log those keystrokes and suddenly have access to attack your underlying system and then propagate further. So, the underlying security is really not all that important compared to the cohesion of the software and the underlying system or a smart user. The important thing is that Apple made the wise decision to make their kernel as secure as _possible_, but also thought about how their applications work by default, such as leaving all services off by default, which is the opposite policy to a company such as Microsoft, which wants you it seems to have all services on by default.

      So, it would be good to reflect on that philosophical difference and, bear in mind, this is the reason why most vulnerabilities in OSX applications tend to be Microsoft Office apps and such.

      And, yet again, not really to come to the defense of Microsoft, but if Apple had as big a customer base as Microsoft did, they would be far less

    3. Mail.app has an auto-execute vulnerability jazzcrazed -- 07/03/06

      The most serious *known* OS X vulnerability is that Safari and Mail.app are set at default to determine "safe files" by extension, thus allowing terminal scripts to be masked as *.jpg or other kinds of files (see: http://blogs.securiteam.com/index.php/archives/317). It was creepy in the least to see a JPEG spawn a terminal window and list my home directory.

      Fortunately, this vulnerability *is* published, and at least users could change the default settings of the vulnerable apps. But that highlights the importance of not being secretive. Apple deserves scrutiny with this, and users are naive to assume that they already know of and can defend against all of OS X's vulnerabilities.
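
A defender-side check for the failure mode described in the comment above, as an added example that is not part of the original post or of any Apple code: it classifies files by their leading bytes instead of trusting the extension, and reports any "safe" extension that carries runnable or mismatched content. The signature tables, file names and sample bytes are constructed for illustration.

```python
"""Flag files whose "safe" extension disagrees with their leading bytes."""
import tempfile
from pathlib import Path

# Leading-byte signatures for the media types treated as "safe" here.
MEDIA_MAGIC = {
    "jpeg": (b"\xff\xd8\xff",),
    "png": (b"\x89PNG\r\n\x1a\n",),
    "gif": (b"GIF87a", b"GIF89a"),
    "pdf": (b"%PDF-",),
}
# Signatures of content the OS can run: interpreter scripts, ELF, Mach-O.
# (0xCAFEBABE is a fat Mach-O binary; Java class files share that magic.)
RUNNABLE_MAGIC = {
    "script": (b"#!",),
    "elf": (b"\x7fELF",),
    "mach-o": (b"\xfe\xed\xfa\xce", b"\xfe\xed\xfa\xcf",
               b"\xce\xfa\xed\xfe", b"\xcf\xfa\xed\xfe", b"\xca\xfe\xba\xbe"),
}
# Extensions that make a "this is harmless media" claim.
SAFE_EXTENSIONS = {".jpg": "jpeg", ".jpeg": "jpeg", ".png": "png",
                   ".gif": "gif", ".pdf": "pdf"}


def sniff(head: bytes) -> str:
    """Name the content type implied by a file's first bytes."""
    for table in (MEDIA_MAGIC, RUNNABLE_MAGIC):
        for kind, signatures in table.items():
            if head.startswith(signatures):
                return kind
    return "unknown"


def audit_file(path: Path):
    """Return a finding dict, or None if the extension makes no 'safe' claim."""
    claimed = SAFE_EXTENSIONS.get(path.suffix.lower())
    if claimed is None:
        return None
    with path.open("rb") as fh:
        actual = sniff(fh.read(16))
    if actual == claimed:
        verdict = "ok"
    elif actual in RUNNABLE_MAGIC:
        verdict = "runnable-content"   # script or binary behind a media name
    else:
        verdict = "type-mismatch"      # not runnable, but not what it claims
    return {"name": path.name, "claimed": claimed, "actual": actual,
            "exec_bit": bool(path.stat().st_mode & 0o111), "verdict": verdict}


def audit_tree(root):
    """Audit every regular file under root; return only the non-ok findings."""
    findings = []
    for path in sorted(Path(root).rglob("*")):
        if path.is_file() and not path.is_symlink():
            result = audit_file(path)
            if result and result["verdict"] != "ok":
                findings.append(result)
    return findings


def demo():
    """Run the audit over a constructed download folder; return name -> verdict."""
    samples = {  # constructed sample contents, not real files
        "holiday.jpg": b"\xff\xd8\xff\xe0" + b"\x00" * 16,      # genuine JPEG header
        "invoice.jpg": b"#!/bin/sh\necho constructed sample\n",  # script named .jpg
        "logo.png": b"GIF89a" + b"\x00" * 16,                   # GIF named .png
        "notes.txt": b"#!/bin/sh\n",                            # no 'safe' claim made
    }
    with tempfile.TemporaryDirectory() as root:
        for name, data in samples.items():
            (Path(root) / name).write_bytes(data)
        return {f["name"]: f["verdict"] for f in audit_tree(root)}


if __name__ == "__main__":
    for name, verdict in demo().items():
        print(f"{name}: {verdict}")
```
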

    4. old news already patch Anonymous -- 07/03/06

      That vulnerability has already been patched.

    5. and so is MS's WMF vulnerability... JazzCrazed -- 13/03/06

      My main point is that you, nor anybody, nor even Apple can claim to know every vulnerability and bug in the OS. This gwerdna fellow claims that he exploited an unknown vulnerability. Who are we to say he's wrong? Who are we to say that there aren't a hundred others? Or a thousand? Or just five?

      It's a lot of code to keep track of...except that with it being closed only Apple can keep track of it, so it's up to them to scrutinize themselves and let everybody know when they find something. Their reliability with that has yet to be proven, but they'll be getting their chance soon.

      It's my strong opinion that nobody can call anything secure without knowing every single bit that goes into it.

    6. Re: Auto-Execute Anonymous -- 09/03/06

      Yes, I noticed that too. (That was creepy.) But the thing is, you actually need to execute the file. As compared to MS Windows viruses and trojans, you barely have to do anything at all and have a virus show up on your PC the next day.

    7. OpenBSD Anonymous -- 23/02/08

      by default, out of the box, during and just after being freshly installed OpenBSD is the most secure publicly available operating system in the world that can be used to do useful things.

      Folks, Windows, Linux, Solaris, The BSDs, Unices, MacOS and OSX all have anywhere from several to several thousands known published, fixed and unfixed security problems since they were first released to the latest versions, some critical some completely benign, some very specific to certain conditions and some because of 3rd party software...

      So stop arguing about which is the most secure... and start arguing which is the right tool for the Job, and how to harden it... OSX set up as a network server on open public internet is kind of absurd as there are much better tools for this job commercial and free... OSX is good for grandma, designers, and sound engineers... if anyone thinks it's a good OS as a network operating system should probably pick up the FreeBSD handbook and choose a shell to learn and find out why OSX is based on BSD... and realize all the tinkering and crap that has been layered on that underlying design has been put there for the end user desktop experience, and not to make it any better or more secure as a network operating system...

      If you really want to see a secure network operating system, find a commercially hardened linux or BSD distro, or check out OpenBSD, or find a really old copy of something obscure like Irix or an old Solaris distribution that no one even remembers how to hack....

      Take, FreeBSD, NetBSD or OpenBSD and install PF use a default block in statement and only open the ports you need for the outside world to reach. Use the best latest and greatest version of those apps you will run on those ports like the LAMP stack, BIND and SSH and chroot jail them when possible and stay on top of their dev and release cycle... and patch them as quickly as you can... turn off all services that are not necessary for the box to perform its job.

      Use an application-aware deep inspection hardware firewall in front of that that can help a little with spoof detection, and slow down lamer DoS attacks and whatever else can give PF a hand in dropping packets that would otherwise steal CPU time from your server, a modern PIX, a Juniper, etc, etc...

      and now you are as secure as you can reasonably be without developing your own custom security patches and software...

      but you are still only as secure as PF, Apache, MySql, PHP, and the Juniper Firewall code is... and there will always be new security holes that pop up in those apps and code... humans make mistakes, humans want new features, and humans want security... in that order, too.. :-) it's a cycle...

      Summary:

      Ok, choose the right OS for the Job, don't run unnecessary services, keep all exposed apps up to date, chroot jail them, use the hardened version if available... use a reputable hardware firewall in front of them as well as PF on the box itself and you are as secure as you are going to be outside of just not running any useful services and at that point just unplug the damn thing... then you are 99.9 secure... and the last thing that can happen would be the hackers knocking down your door and physically stealing your box....

      eh... as far as securing the box from internal unprivileged user accounts, that's another whole different box of bugs... and in reality there are very few situations where one would do that, and if you do do that, there are some very extensive, specialized configurations for that environment...

    8. an OS -could- be secure... Steve Austin -- 09/03/06

      There is a public-domain effort underfoot managed by a friend of mine at IBM to harden Linux down to function-call level. It is conceivable that an operating system could be secure. Of course information systems are subject to human error in their configuration and accesses mistakenly granted via social engineering, but I challenge you to prove there is no way an OS can be secure.

      I believe it is inevitable that -some- OS (probably Linux, or its hardened version, whatever it may be called) will be secure and those with enough affinity of code-base (or need) will follow suit. It may take 10 years but my prediction is it will happen.

    9. A somewhat lengthy opinion about it.... Anonymous -- 25/10/06

      Well, I'm of the opinion that there is no such thing as a totally secure system except when it is turned off and unplugged.

      The problem with designing something that is secure is that it assumes that you can achieve perfection, which is an impossibility. Programming is very much like engineering; it's about give and take, what you can and can't do, when you do one thing how it can impact something else, and so on.

      That said, Mac OS X is an inherently simpler operating system than, say, Microsoft Windows XP. This does mean that less can go wrong. However, you still have to put it into perspective; Mac OS X is still a complex piece of software and it is that complexity that gives it its potential vulnerabilities that Apple may not be able to entirely account for until after such vulnerability has been revealed by an attack. It is, after all, a man-made product with its own unique set of strengths and weaknesses that can be exploited in some way.

      This is why a system cannot be totally secure. All you can do is take the most measures possible to help fortify your system's security without impacting functionality too much. And, even then, a hack or infection can still happen; all the additional safeguarding only decreases the chances that a hack can occur, but it cannot totally eliminate the risk. All it takes is a hacker with ingenuity, imagination, and determination.

      You could design a security setup which can help mitigate vulnerabilities, but remember what I said about programming being somewhat like engineering. It is possible that such a setup could also introduce a different set of vulnerabilities that can also be exploited, and the more complex it is ... well, you should know what I mean.

      Again, the only time a system is totally secure is when it is powered down and unplugged. You may patch everything you know about now, but that doesn't mean that you can account for what could be exploited in the future. Let the uncertainty of your system's security keep you from being naive or complacent, ergo taking all necessary precautions to help mitigate the risk as opposed to thinking that "it can't happen to you" for whatever reason and allowing this risk to propagate further. - Reinhart

    10. MAC OSX Security DC0DR -- 15/05/07

      You Gentlemen hit the nail on the Head. I have yet to see a better built platform for security considering UI, GUI as well as OS.

      My Pick is MAC

      DC0DR

  12. Pathetic Anonymous -- 06/03/06

    How absolutely pathetic is this? Just give it a rest, you don't go off your tits every time microsoft has a small flaw.

    1. See what I mean? Hans-Christian -- 06/03/06

      See what I mean?

    2. These commenters are literally children. prgramming since before you were born -- 07/03/06

      I wouldn't get my knickers in a twist over the comments here.

  13. idiots?! Anonymous -- 06/03/06

    did anyone see the idiots page on that website??????

    it looks perfectly reasonable, why would some moron put those things up???

  14. ??? Anonymous -- 06/03/06

    I'm not an Apple fanboy. In fact, I like Windows XP too, I just use OSX because Apple happens to sell the only 12" laptop that's affordable for me. And yes, I think it's good, maybe even better than Windows and a lot of Linux systems, but that depends entirely on what you want to do with it. I also never had any virus infections, malware or hacks while using Windows XP.

    That being said, I think this gwerdna person is trying to just get some press attention, and maybe discredit Apple because they're selling proprietary software and making a profit off it while he's at it.

    I've seen the website. There's no explanation whatsoever as to how this supposed takeover ever happened. Lesson number one in being credible: try to bring up at least some decent evidence.

    Other than that, he does have this machine configurated in a rather unusual way, to say the least.

    1. I stand corrected Anonymous -- 07/03/06

      It seems I stand corrected ... Someone's posted some code snippets on the site, that appear to me like they prove his point.
      Maybe someone really savvy of these things (unlike me, I must admit) should take a look at it.

    2. he said it was an unpublished exploit programming since before you were born -- 07/03/06

      Do you know what "unpublished" means? Publishing an unpublished exploit is irresponsible.

  15. MAC OS X hacked? Anonymous -- 07/03/06

    I have been on Macs for years now and have no serious complaints about their products, including OS X, and I can't see myself ever going back to the MS world.

    I don't believe OS X is invulnerable and I am not complacent about security, but given the initial access level granted to the hackers for this 'challenge' their success can hardly be described as a real world threat. The only information the hackers should have been given was the IP address and the OS type. If they had hacked that at all, let alone in under 30 minutes, then I would be very concerned.

    Those who say that the only or main reason that OS X security has not been compromised yet is because of its small market share, should consider the kudos of being the first hacker to genuinely crack OS X. It would be instant fame. I bet that there are many dedicated hackers trying like buggery to crack OS X. I don't buy the small target and low interest explanation as the main reason OS X hasn't been cracked.

    There does seem to be an awful lot of Mac OS X security scare stories posted on this site, which then turn out to be just more FUD nonsense. Pity, because this site is otherwise a good source of info.

    1. same as above Anonymous -- 07/03/06

      > but given the initial access level
      > granted to the hackers for this
      > 'challenge' their success can
      > hardly be described as a real
      > world threat.

      can you say "server"?

    2. server? you call that server? Anonymous -- 07/03/06

      > can you say server?

      a server that allows everybody to set up a new account and ssh into it?

      try to set that up with any OS, and see it go down real fast.
      ++ chris

    3. A non-issue Rob klein -- 07/03/06

      I wouldn't even be very worried if they could break into OS X using only IP and OS type...

      There is undoubtedly a way to attack OS X from the remote using yet unknown vulnerabilities.

      Every year there is a very small percentage of OS X (or any OS for that matter) systems that get broken into by unpublished flaws.

      However these flaws come out and fixes are might. Add a good firewall to this, and a dose of common sense you are at very low risk of becoming a victim in general.

      This type of "news" is of course useless. The only value it has is entertainment, I find it very entertaining that someone would invite attackers to break into such an insecure setup and expect it to fail :-).

  17. Um who is the editor here? do they have a clue? Anonymous -- 07/03/06

    just plain bad

  18. Wake up apple users kevin Davies -- 07/03/06

    I grew up with apples, I do use apple as well as windows (admittedly windows is my primary system).
    You can't shove random statistics in the story. Apple have a nice track record yeah but how can you argue about popularity. Because Microsoft may have the majority of uses doesn't make it better though it does make it a bigger target. Soon all these ignorant "we're invincible" OS X users will be infested as sales go up.
    Whoever said it is common knowledge that osx is the most secure is also full of **** It's common knowledge that Linux is the most secure. This is because hardass people sit there and try to find vulnerabilities and then those same hardass coders fix that problem. Anyways I've just wasted a fuckload of time replying to this because 1 way or another it won't affect me I just know I'll laugh when interest does rise and there are apple hacks all over the place. I'll laugh that Microsoft have had years of experience in security and will always be years ahead.

    1. More Proof... Mac Master -- 07/03/06

      that Windows users are ignorant. The guy gave the hacker access to the box with a SSH login. Do you morons know what SSH is? It stands for Secure Shell. Obviously the system is not secure when you let a stranger in. This is in no way a typical setup. Besides, this happens to you #$%!* Windows users all the time, it's called SPYWARE!!!! And to all those posers (that's you Kevin Davies) that say they use Apple computers, keep trying to pass that off to your ignorant Windows users. Peace Out!

      P. S. I work as a Sys Admin in a Windows shop but use my 12" Powerbook for all my work. Booh Yah.

    2. Dam **** you're hardcore Kevin -- 07/03/06

      Again, it all points back to the Apple having a share in the market that isn't worth wanting to bother with. The only thing I use my powerbook for is to download torrents. Spyware, Well a lot of that can fall under common stupidity. Microsoft having the dominant share are no doubt going to be targeted the most and anyone stupid enough to go to a porn website, Accept the install file prompt (just clicking yes like so many do) deserve to have their computers rooted over. Which makes me wonder, how Hypocritical can you get. You're raving on about being "let in" and yet when someone clicks the yes button when visiting porn that says "Do you wish to allow *site* to install software on your machine" it's all Microsoft's fault for being insecure.

    3. Damn...you're a phony Mac Master -- 07/03/06

      More proof that you are another phony "I use Macs" user. There is no such thing as a "Click on Yes" dialogue box in Mac OS X. IT ASKS FOR YOUR FRIGGEN ADMIN PASSWORD!!!! Jeez, how many times does this have to be repeated!!!

      Please, Kevin and the other tools here, quit showing your ignorance. I'd like to also note, like a previous post, the guy running the test is a Windows programmer looking to spread FUD. Look at the photo of his Mac mini and note the books on the shelf. It says it all.

    4. . Anonymous -- 07/03/06

      lol all you losers that try to add credibility to your worthless comments by flopping out your e-**** thinking we care what sort of totally awesome job you have should go home to your macs and stay there so the rest of the world doesn't have to put up with your ****

      kevin is the most on the money so far

    5. um, no. kevinISaTool -- 07/03/06

      kevin is a tool, and is completely off base. he obviously doesn't understand how spyware works. some spyware is installed without the user clicking "Yes, please pwn me". Windows fan-boys hopped onto this thread a lot quicker than I expected.. in 10 years when Apple owns Disney and has a 50% (and climbing) pc market share, what will the fan boys do?

    6. Kevin Anonymous -- 07/03/06

      Bullshit....Let kevin prove it. Here ya go Kev. Take a shot you **** poser.

      http://test.doit.wisc.edu/

    7. Stupidity Anonymous -- 08/03/06

      Pull the stick out of your **** and wake up. MacOS is Unix effort with the same hardasses working on it. Stay in your stupid-**** profession and let us computer programmers be the smart ones, cause you are not.

  19. Codswallop Anonymous -- 07/03/06

    As comments before me have noted: this article is horribly researched, and, in its current state, nothing more than a sad example of sensationalist FUD. What type of server? What software?

    I run a Mac based server near 24x7, and have never been "owned" --- more details, or take this ridiculous article offline!

    1. Boulderdash! Anonymous -- 07/03/06

      This comment is horribly researched. What type of server? What software?!

      What kind of proof do you have that you've never been "owned"? You're some kind of omnipresent system administrator aware of all activity on the machine?

      more details please, or take this ridiculous comment offline.

  20. No firewall and gives user account on mac Anonymous -- 07/03/06

    It seems that the mac is set up to give anyone a user account on the mac with admin privileges (so they can use one of the "vulnerabilities" that would require actual physical access to your computer and a user password.)

    1. ssh account Anonymous -- 07/03/06

      I doubt that he was dumb enough to give them an account with admin privileges.. otherwise the machine would have been "hacked" in mere seconds (using sudo)

      but still, setting up a machine with remote login and an LDAP server that everybody can access is bound to be hacked unless you know *very* well what you're doing.
      ++ chris