[iBook] Mac OS X hacked in less than 30 minutes

[Jim Manley]

http://news.com.com/Mac+OS+X+hacked+in+less+than+30+minutes/ 
2100-1002_3-6046197.html?tag=nefd.top

update Gaining root access to a Mac is "easy pickings," according to  
an individual who won an OS X hacking challenge last month by gaining  
root control of a machine using an unpublished security vulnerability.

On Feb. 22, the Sweden-based Mac enthusiast set up his Mac Mini as a  
server and invited hackers to break through the computer's security  
and gain root control, which would allow the attacker to take charge  
of the computer and delete files and folders or install applications.

Participants were given local client access to the target computer  
and invited to try their luck.

Within hours of going live, the "rm-my-mac" competition was over. The  
challenger posted this message on his Web site: "This sucks. Six  
hours later, this poor little Mac was owned, and this page got defaced."

The hacker who won the challenge, who asked ZDNet Australia to  
identify him only as "Gwerdna," said he gained root control of the  
Mac in less than 30 minutes.

"It probably took about 20 or 30 minutes to get root on the box.  
Initially, I tried looking around the box for certain  
misconfigurations and other obvious things, but then I decided to use  
some unpublished exploits--of which there are a lot for Mac OS X,"  
Gwerdna told ZDNet Australia.

According to Gwerdna, the hacked Mac could have been better  
protected, but it would not have stopped him because he exploited a  
vulnerability that has not yet been made public or patched by Apple  
Computer.

"The rm-my-mac challenge was set up similar to how you would have a  
Mac acting as a server--with various remote services running and  
local access to users...There are various Mac OS X-hardening guides  
out there that could have been used to harden the machine, however,  
it wouldn't have stopped the vulnerability I used to gain access.  
There are only limited things you can do with unknown and unpublished  
vulnerabilities. One is to use additional hardening patches--good  
examples for Linux are the PaX patch and the Grsecurity patches. They  
provide numerous hardening options on the system and implement  
nonexecutable memory, which prevent memory-based corruption  
exploits," Gwerdna said.

Gwerdna concluded that OS X contains "easy pickings" when it comes to  
vulnerabilities that could allow hackers to break into Apple's  
operating system.

"Mac OS X is easy pickings for bug finders. That said, it doesn't  
have the market share to really interest most serious bug finders,"  
Gwerdna added.

Apple's OS X has come under fire in recent weeks with the appearance  
of two viruses and a number of serious security flaws, which have  
since been patched by the Mac maker.

In other news:

What does AT&T/BellSouth mean?
Who wants or needs 64 bits?
Reverse engineering 'The Godfather'
Maps to the stars go online
News.com Extra: What do women want from gaming?
In January, security researcher Neil Archibald, who has already been  
credited with finding numerous vulnerabilities in OS X, told ZDNet  
Australia that he knows of numerous security vulnerabilities in  
Apple's operating system that could be exploited by attackers.

"The only thing which has kept Mac OS X relatively safe up until now  
is the fact that the market share is significantly lower than that of  
Microsoft Windows or the more common Unix platforms...If this  
situation was to change, in my opinion, things could be a lot worse  
on Mac OS X than they currently are on other operating systems,"  
Archibald said at the time.

An Apple Australia representative said on Monday that the company was  
unable to comment at this stage. Representatives at Apple's  
Cupertino, Calif., headquarters could not be reached for comment.


---
James Paul Manley
Albuquerque, New Mexico

Jim Manley's Photoshop Elements Page
http://www.geocities.com/jim_p_manley/index.html