Cincinnati Sports Forums - Reds, Bengals, UC Bearcats and Xavier

#1
03-07-2006, 11:45 AM
Franny
Cincinnati Sports Addict
Join Date: Feb 2006
Location: Riding Shotgun with Charles Barkley
Posts: 6,884
Mac OS X, easy to hack --- ohh yeah

For those of you that think Microsoft makes crappy / unsafe software compared to Apple, think again. It's been my point all along that the only reason alternative OS's and browsers have not been exploited is because there is no point in a hacker writing an exploit when there are very few users. I encourage readers out there to debate this issue and approach this issue with respect rather than just calling me childish names.

http://news.zdnet.com/2100-1009_22-6046197.html

Winner mocks OS X hacking contest
By Munir Kotadia, ZDNet Australia
Published on ZDNet News: March 6, 2006, 6:38 PM PT



Gaining root access to a Mac is "easy pickings," according to an individual who won an OS X hacking challenge last month by gaining root control of a machine using an unpublished security vulnerability.

On Feb. 22, the Sweden-based Mac enthusiast set up his Mac Mini as a server and invited hackers to break through the computer's security and gain root control, which would allow the attacker to take charge of the computer and delete files and folders or install applications.

Participants were given local client access to the target computer and invited to try their luck.

Within hours of going live, the "rm-my-mac" competition was over. The challenger posted this message on his Web site: "This sucks. Six hours later, this poor little Mac was owned, and this page got defaced."

The hacker who won the challenge, who asked ZDNet Australia to identify him only as "Gwerdna," said he gained root control of the Mac in less than 30 minutes.

"It probably took about 20 or 30 minutes to get root on the box. Initially, I tried looking around the box for certain misconfigurations and other obvious things, but then I decided to use some unpublished exploits--of which there are a lot for Mac OS X," Gwerdna told ZDNet Australia.

According to Gwerdna, the hacked Mac could have been better protected, but it would not have stopped him because he exploited a vulnerability that has not yet been made public or patched by Apple Computer.

"The rm-my-mac challenge was set up similar to how you would have a Mac acting as a server--with various remote services running and local access to users...There are various Mac OS X-hardening guides out there that could have been used to harden the machine, however, it wouldn't have stopped the vulnerability I used to gain access. There are only limited things you can do with unknown and unpublished vulnerabilities. One is to use additional hardening patches--good examples for Linux are the PaX patch and the Grsecurity patches. They provide numerous hardening options on the system and implement nonexecutable memory, which prevent memory-based corruption exploits," Gwerdna said.

Gwerdna concluded that OS X contains "easy pickings" when it comes to vulnerabilities that could allow hackers to break into Apple's operating system.

"Mac OS X is easy pickings for bug finders. That said, it doesn't have the market share to really interest most serious bug finders," Gwerdna added.

Apple's OS X has come under fire in recent weeks with the appearance of two viruses and a number of serious security flaws, which have since been patched by the Mac maker.

In January, security researcher Neil Archibald, who has already been credited with finding numerous vulnerabilities in OS X, told ZDNet Australia that he knows of numerous security vulnerabilities in Apple's operating system that could be exploited by attackers.

"The only thing which has kept Mac OS X relatively safe up until now is the fact that the market share is significantly lower than that of Microsoft Windows or the more common Unix platforms...If this situation was to change, in my opinion, things could be a lot worse on Mac OS X than they currently are on other operating systems," Archibald said at the time.

An Apple Australia representative said on Monday that the company was unable to comment at this stage. Representatives at Apple's Cupertino, Calif., headquarters could not be reached for comment.

Munir Kotadia of ZDNet Australia reported from Sydney.
#2
03-07-2006, 02:31 PM
shantyman
Moderator
Join Date: Feb 2006
Posts: 2,075
I can post news from Slashdot too guys!

Franny = moron

Quote:
Dodgy OS X hack prompts genuine challenge

Hack a Mac for fame
Tom Sanders in California, vnunet.com 07 Mar 2006

The University of Wisconsin has launched a competition in which hackers are challenged to break into an OS X system connected to the internet.

"Mac OS X is not invulnerable. Like any other operating system, it has security deficiencies in various aspects of the software," claimed Dave Schroeder, the competition's organiser.

"However, the general architecture and design philosophy of Mac OS X, in addition to the use of open source components for most network-accessible services that receive intense peer scrutiny from the community, make Mac OS X a very secure operating system."

Schroeder is a systems administrator at the University of Wisconsin where he manages both OS X and Unix systems.

His challenge was launched in response to a similar competition last month in which a blogger created user accounts for contestants on a Mac Mini and challenged them to hack into the system by defacing a website.

A hacker by the name of 'Gwerdna' claimed to ZDNet Australia that he won the competition, boasting that the operating system was "easy pickings" and that it took him no more than 30 minutes.

The story made the headlines on Monday, but incorrectly presented the penetration as a 'genuine hack' when it should have been described as a 'privilege escalation for a legitimate user'.

A privilege escalation is similar to breaking into a different user account while sitting behind a computer and is considered significantly easier than hacking into a fully protected system over the internet.

The failure to make this difference prompted Schroeder to describe the ZDNet Australia report as "woefully misleading".


A spokesman for Apple did not return vnunet.com's phone calls seeking comment.

The University of Wisconsin's challenge provides contestants with a URL for the system that they need to hack.

The system is a Mac Mini running the latest version of OS X as well as all the latest security updates. It has been configured with two local user accounts and has SSH and HTTP open. The latter are not typical settings for an average user, according to Schroeder.

Contestants who claim to have succeeded in hacking the system must provide details about how they breached the security walls, which will be provided to Apple. The winner gets a claim to fame, but no material prize.

#3
03-07-2006, 02:35 PM
Franny
Cincinnati Sports Addict
Join Date: Feb 2006
Location: Riding Shotgun with Charles Barkley
Posts: 6,884

Quote:
Franny = moron
Is this really necessary? You realize that Slashdot junk is written by a Mac blowhard, right? The ZDNet stuff is unbiased.
#4
03-07-2006, 02:45 PM
shantyman
Moderator
Join Date: Feb 2006
Posts: 2,075

Priceless, I present you with facts and you have a lame response. Slashdot only links to stories. Did you even read it? Probably not. You don't like the information I posted so you ignore it and deflect it by mentioning something else.

You are not worth arguing with, because you refuse to ever concede a point. There is one correct opinion, yours, and that's the end of that.