IE8, Safari and Firefox all hacked at Pwn2Own
updated 04:25 pm EDT, Thu March 19, 2009
Pwn2Own results
On the first day of the Pwn2Own contest at the CanSecWest conference, hackers successfully compromised fully-patched copies of Internet Explorer 8, Safari and Firefox, according to ZDNet. A MacBook running Safari was hacked in seconds by Charlie Miller, winning him the notebook and a $10,000 purse. His previous performance was also impressive, requiring just minutes to take control of a MacBook Air.
An individual known as Nils was able to hack a Sony Vaio running Windows 7 and patched versions of IE8, Firefox and Safari. He also took advantage of vulnerabilities in Firefox and Safari, winning a cash prize and the Vaio notebook.
Company representatives were present to view the exploits. Terms of the contest require that the vulnerabilities remain undisclosed until the software companies have a chance to release a patch.

Unimpressed
03/19, 05:42pm reply
Show me someone hacking in without admin rights...without physical access...then I might be impressed. Pulling a cheap trick that relies on PEBCAK...BFD.
Mr. Strat
Fresh-Faced Recruit
Joined: Jan 2002
Great contest
03/19, 06:09pm reply
This gives white hat hackers a chance at (a) remuneration and (b) kudos. Might help keep people away from the Dark Side.
martinX
Fresh-Faced Recruit
Joined: Sep 2008
Repeat?
03/19, 06:11pm reply
Didn't this already happen? And weren't @Mr. Strat's arguments stated then, too?
Zkatz007
Fresh-Faced Recruit
Joined: May 1999
The only problem is...
03/19, 06:19pm reply
The various tech media are reporting ONLY that Safari was compromised. They aren't mentioning the other browsers. Only Mac media sites are reporting that all three browsers were hacked. I wonder why that is?
lkrupp
Fresh-Faced Recruit
Joined: May 2001
Hardly 'just minutes'
03/19, 07:51pm (2 replies) reply
They were allowed to do all the work in advance, finding the exploit, crafting a web page to take advantage of it and the on-scene 'exploit' consisted of the winners directing the people at the keyboards to "click on the link here, please".
This is merely cheap gimmickry.
When he can attack a Mac without having the user unlock the front door for him and invite him in, then it will be newsworthy.
johnsonua
Fresh-Faced Recruit
Joined: Aug 2003
Newsflash
03/20, 10:09am reply
My house can be broken into and everything valuable stolen in just 5 minutes...as long as the alarm is disarmed and the front door is unlocked.
yawn
mgpalma
Fresh-Faced Recruit
Joined: Sep 2000
Re: newsflash
03/20, 10:24am reply
Not the same thing.
If they logged into the computer as an admin, left it on, walked away, and then someone else walked up to the machine and claimed "I hacked it!", then that would be the same thing.
Almost every Windows flaw and piece of malware is due to social engineering. Trying to get people to go to web-site A to get some video codec to see Britney Spears having L****** s** with Justin Timberlake. Or convincing them that they need to download the latest flash plug-in (and browsers making that so much easier to con people, as users now expect the browser to install it for you, rather than downloading it yourself, then finding the disk image, opening it up, and then running the installer).
testudo
Fresh-Faced Recruit
Joined: Aug 2001
oh
03/20, 01:50pm reply
And if the article was all about how IE 8 was 'hacked' in the same manner, everyone here would be chortling about how insecure MS software is and such, and not defending it as a social engineering issue.
testudo
Fresh-Faced Recruit
Joined: Aug 2001
Social engineering==real
03/24, 01:21am reply
I don't know why EVERYBODY thinks that social engineering attacks don't count. That's ALL THAT EXISTS ON WINDOWS. Look it up. The last self-spreading attack on Windows occurred in 2006 (and it was caused by QuickTime ironically enough).
Self-spreading malware has been eliminated due to software firewalls and egress filtering. But malware that spreads by asking users to click on a link is very much real, and very very real on the Mac.
Safari/WebKit/QuickTime have had over 70 vulnerabilities every year since 2005. That's not an insignificant number, and in some years it topped Internet Explorer's vulnerability count.
Social engineering attacks are very real. Nearly EVERYBODY runs their Mac as admin, and Mac users are no more or less likely to be susceptible to a social engineering attack than a Windows user. Why do you think Apple added anti-phishing and other anti-social engineering measures to Safari recently?
fubar_this
Fresh-Faced Recruit
Joined: Jul 2006