OSX Hacked in Under 30 Mins

[xxdesmus]

OSX Hacked in Under 30 Minutes

On February 22, a Sweden-based Mac enthusiast set his Mac Mini as a server and invited hackers to break through the computer's security and gain root control, which would allow the attacker to take charge of the computer and delete files and folders or install applications.

Within hours of going live, the "rm-my-mac" competition was over. The challenger posted this message on his Web site: "This sucks. Six hours later this poor little Mac was owned and this page got defaced".

The hacker that won the challenge, who asked ZDNet Australia to identify him only as "gwerdna", said he gained root control of the Mac in less than 30 minutes.

"The only thing which has kept Mac OS X relatively safe up until now is the fact that the market share is significantly lower than that of Microsoft Windows or the more common UNIX platforms.? If this situation was to change, in my opinion, things could be a lot worse on Mac OS X than they currently are on other operating systems," said Archibald at the time.

Source: ZDNet Australia

rm My Mac

This is exactly what I have been saying since day one, your OS is not secure just because no one cares to try and hack the few of them out there.Discuss. Go. b>

Edited March 6, 2006 by xxdesmus

[Max Veteran]

I agree. Nothing is safe unless its unplugged from the internet.

[obsolete_power]

This is complete bull

[Malisk]

Assuming it was properly configured with all the tools that OS comes with, ... :blink:

This is complete bull

Please enlighten us why? :huh:

[obsolete_power]

I don't believe it one bit

[xxdesmus]

This is complete bull

I don't believe it one bit

Care to explain your insightful comment? Gee, you're just full of insightful comments today

...Or is this just you being hopeful? :whistle:

[Malisk]

Well, it is a bit worrying if he used an undisclosed vulnerability to do it with like the article says.

These things exist, and it would be unfortunate for OS X if there was one or more of these around and known in the "underground".

[-hurley18]

Interesting

[Vice]

doesn't look like the site has changed or said it is over :s

[orestes]

This is complete bull

afraid to admit your little OS is just as vulnerable as any other?

Seems to be common sense to me, and this gave me alittle chuckle....if you think your safe just because your using a mac your an idiot.

[obsolete_power]

Care to explain your insightful comment? Gee, you're just full of insightful comments today

...Or is this just you being hopeful? :whistle:

Well this can very well have been staged and setup prior to the "competition"

[betasp]

There is no information about how the test was setup. I need more info. Was there a firewall used, what was the machine running (apache, php, ?)?

[obsolete_power]

afraid to admit your little OS is just as vulnerable as any other?

Seems to be common sense to me, and this gave me alittle chuckle....if you think your safe just because your using a mac your an idiot.

Hahaha....don't make me hurt you. Now on a more serious note, I most certainly do not think I am safe because I am on a mac. The only reason the mac os is considered "safe" is due to the fact that it is not in the spotlight meaning there hasn't been much attempt to compromise the OS just yet. Those days will probably be here in no time now that apple has switched to bloody intel. It is certainly a lot safer than windows right now but only because windows is the number one target for malicious behaviour. Mac OS has definitely have more secure features than windows but are certainly not in any way hack-proof.

[Vice]

I think this is BS aswell. Need more evidence to prove it was actually hacked. Probably some people having a laugh at ZDNet's expense.

[xxdesmus]

There is no information about how the test was setup. I need more info. Was there a firewall used, what was the machine running (apache, php, ?)?

Here is info from this site:

It runs a default install of Mac OS X Tiger, plus fink and some decent versions of Apache, MySQL and PHP. Software Update recently updated it to Mac OS X 10.4.5 and fixed some security issues.

Yup, I should be pretty secure, shouldn't I? <--- BZZZZT, WRONG Kinda like OpenBSD <--- NO, NOT REALLY., with the exception that this particular operating system was actually designed to be useful. That's why I set up an LDAP server and linked it to the Macs naming and authentication services, to let people add their own account to this machine. That way, they will all be able to enjoy the beauty of Mac OS X Tiger. And, of course, get a better chance of rm'ing it!

The only weakness I see in this is that the guy is facilitating the creation of an account on the box. That makes it a little bit easier, but I doubt that is an excuse. :pinch:

Also if you look at the dates on the bottom of the guys page it looks like he reset the system for another round of being rooted.

Feb 23, 2006

We lost internet connectivity for 16 hours but now we're back on track again.

Feb 22, 2006

This sucks. Six hours later this poor little Mac was owned and this page got defaced. Good thing is it didn't get rm'd! Way to go PTP.

afraid to admit your little OS is just as vulnerable as any other?

I am glad you said it and not me...I've been warned enough for this kind of talk :laugh:

[bobbba]

It doesn't give you much to go on as it does not explain in anyway how the Mac was compromised.

So far the Mac remains a relatively safe platform with a very low risk from viruses, spyware, malware etc and this article provides little basis to challenge that.

I think people are just hoping the Mac platform will be badly compromised and are looking for any sign of weakness no matter how small after a minority of Mac Owners gloated about the OS X's record.

[obsolete_power]

It doesn't give you much to go on as it does not explain in anyway how the Mac was compromised.

So far the Mac remains a relatively safe platform with a very low risk from viruses, spyware, malware etc and this article provides little basis to challenge that.

I think people are just hoping the Mac platform will be badly compromised and are looking for any sign of weakness no matter how small after a minority of Mac Owners gloated about the OS X's record.

Finally someone says something valid and credible

[The_Decryptor Veteran]

This is exactly what I have been saying since day one, there is no such thing as security by obscurity (or minority).

The only people who have been saying that (in my experience) are disgruntled windows users, just my opinion though (and never mind the fact that it's not really true, Apache is used more than IIS, yet IIS is compromised more)

Anyway, it's not exactly "fair", if i setup a windows machine and allowed anybody to walk up (physically and via ssh) and run applications, of course it's going to get hacked, even if i add a firewall, anti-virus, run as a limited user, etc.

Basically, if you allow people through the security mechanisms any OS (OS X, Windows, Linux, BSD, etc.) offers, of course it's going to get hacked

[tomwarren Veteran]

It doesn't give you much to go on as it does not explain in anyway how the Mac was compromised.

So far the Mac remains a relatively safe platform with a very low risk from viruses, spyware, malware etc and this article provides little basis to challenge that.

I think people are just hoping the Mac platform will be badly compromised and are looking for any sign of weakness no matter how small after a minority of Mac Owners gloated about the OS X's record.

Indeed. My thoughts exactly.

[Panz Icarus]

I agree, while i do feel relatively safe on my mac i do realise if it is connected to the internet then i will be at risk. I think it is only a matter of time the OSX gets a major virus unfortunately.

[EZRecovery]

Whether the article is true or not, it was interesting reading it.

/EZ

[thermal+paste]

whatever

[Cyrana]

Just a quick question...

How is this possible on a default install? On a default install all ports are closed, but not stealth. How can you hack in if there isn't an attack vector? Did they enable Apache and all that stuff? Seems a stupid thing to do, since the only home users who want to run a web server are going to be people will probably know what they are doing anyway, and in that case it ends up being an apache vulnerability, too. It isn't a default configuration in that case, either.

EDIT: Finished the article. But I still don't think enabling LDAP, Apache and all that is a very great test. In the end that sort of stuff comes down to how much the admin knows who sets the machine up, not the OS itself.

[TheNay]

I agree. Nothing is safe unless its unplugged from the internet.

Its tru;);) Anyone with the intention and right knowledge can be hacked within minutes. Scary but true.. lol

[_Pablo]

No general purpose OS developer is willing to guarantee their software is free from defects, so users shouldn't expect it to be!

The reality is that general purpose operating systems are now so sophisticated and the interplay of all the functions so complex, that it's now impossible to prove the OS to be secure. Even when something is coded correctly according to the spec and has no directly exploitable bugs, the attacks that some crackers can bring to bear, are so unexpected and innovative that they outflank any defenses. That makes for a pretty one sided battle for OS developers to fight - consumers and businesses generally pay for functions whereas crackers are now exploiting these functions.

Even when the difficulty of the task is considered, I would imagine that Apple have driven harder to innovate than to secure and OS X has left plenty of low hanging fruit to exploit...with the arrival of lots of new Mac users the attention of the crackers fill soon turn to an all out assault on OS X. So I for one am under no illusions and expect to be seeing lots of Software Updates on my MacBook Pro in the coming years.