toggle

AAPL Stock: 111.78 ( -0.87 )

Printed from http://www.macnn.com

Mac OS X hacker gains control in 30 min

updated 09:50 am EST, Mon March 6, 2006

Mac OS X compromised

One hacker was able to gain control of a Mac OS X machine within 30 minutes, according to a new report. ZDNet Australia reports that Mac OS X was hacked within 30 minutes using an unpublished security vulnerability. The "gwerdna" hacker, who was able to quickly gain root access to the Mac, was responding to a "rm-my-mac" challenge issued in late February by a Sweden-based Mac enthusiast. While the hacker said that the Mac could have been better protected, he said that it would not have made a difference, as he exploited a vulnerability that has not yet been made public or patched by Apple, according to the report. "Gwerdna" said that Apple's OS--often touted as more secure than its Windows counterpart--is "easy pickings" when it comes to vulnerabilities and that relatively low marketshare leaves most hackers uninterested in the platform. Although Apple has quickly responded to new virus and security threats published in the past month, other researchers still believe that old flaws in Mac OS X leave the OS vulnerable to attacks.




by MacNN Staff

POST TOOLS:

TAGS :

toggle

Comments

  1. jhorvatic

    Joined: Dec 1969

    0

    What Mac did he gain cont

    What Mac did he gain control of? His own? Big deal! Let's see him break into any Mac out in the real world and not in his own house and see how far he gets. The first problem he has is to find you. The second problem is he has to get through your router firewall. The third problem is he has to get through the Macs firewall. The fourth problem is he has to gain access to your password. I seriously doubt he gained control of anything but his own. This story is missing so much detail that it really sounds phoney. And ZDNET has been pushing all of these stories that have no facts behind them and were really not the big security problems as hardly even one person got attacked.

  1. Foe Hammer

    Joined: Dec 1969

    0

    You're Not Saying ...

    ... that Zero Data Net is engaging in it usual MS-sponsored brand of FUD again, are you?

  1. das

    Joined: Dec 1969

    0

    Article VERY misleading

    The article fails to mention that anyone on the globe who wished it was given *local access* to the machine via ssh! Yes, there are local privilege escalation vulnerabilities; likely some that are "unpublished". But this machine was not hacked from the outside just by being on the Internet. It was hacked from within, by someone who was allowed to have a local account on the box. That is a huge distinction.

  1. Icarust

    Joined: Dec 1969

    0

    cool hack

    I believe the hack is true: this "hacker" probably forgot the password to their system, so they used an install disc to reset it. Good work, I hope Apple does patch this one either.

  1. davin8or

    Joined: Dec 1969

    0

    bogus

    Any hacker sophisticated enough to hack MacOSX would probably come up with a better handle than his name and last name initial spelled backwards. (AndrewG). I have been suspicious by the FUD published by CNET for some time - this "article" seals it for me.

  1. I.P. Freely

    Joined: Dec 1969

    0

    what the h***?

    If you read the Znet article it make sit sound like they took over the machine... but if you read the rm-my-mac site. there is no mention of this punkass remotely controlling this machine.

    Defacing someone's website, does not equal controlling the machine.

    This could be fault of php, apche, mysql... or some other product. but nothing about OS x being hacked. this article is bullshit.

    Feb 22, 2006 This sucks. Six hours later this poor little Mac was owned and this page got defaced. Good thing is it didn't get rm'd! Way to go PTP.

  1. beeble

    Joined: Dec 1969

    0

    cracker??

    Any "news" agency that calls a cracker a hacker tells me they don't know squat. This is basic terminology that very few seem to be able to get right. Probably because very few in the media these days have a clue.

  1. Zaren

    Joined: Dec 1969

    0

    Not even close

    Thed "hacker" in question was given a LOCAL account on the Mac that he could access via SSH. This isn't even close to the sc@r33 h@x0r they're trying to make this out to be. To wit: check out test.doit.wisc.edu for a *real* "hack my Mini" contest.

  1. jarod

    Joined: Dec 1969

    0

    Is it April Fools already

    People's desperate attemp for attention is really becoming pathetic. What's worse; all sites rush to publish this bullshit. So much for reputable Mac sites.

  1. aristotles

    Joined: Dec 1969

    0

    Does anyone turn on SSH?

    SSH is off by default. Why would he turn it on?

Login Here

Not a member of the MacNN forums? Register now for free.

toggle

Network Headlines

toggle

Most Popular

MacNN Sponsor

Recent Reviews

Dell AD211 Bluetooth speaker

For all of the high-priced, over-engineered Bluetooth speakers in the electronics market, there is still room for mass-market solution ...

VisionTek 128GB USB Pocket SSD

USB flash drives dealt the death blow to both the floppy and Zip drives. While still faster than either of the old removable media, sp ...

Kodak PixPro SL10 Smart Lens Camera

Smartphone imagery still widely varies. Large Megapixel counts don't make for a good image, and the optics in some devices are lackin ...

toggle

Most Commented