Linked by Thom Holwerda on Mon 6th Mar 2006 21:59 UTC, submitted by crispoe
Mac OS X "In response to the woefully misleading ZDnet article, 'Mac OS X hacked under 30 minutes', the academic Mac OS X Security Challenge has been launched. The ZDnet article, and almost all of the coverage of it, failed to mention a very critical point: anyone who wished it was given a local account on the machine (which could be accessed via ssh). The challenge is as follows: simply alter the web page on this machine, The machine is a Mac mini (PowerPC) running Mac OS X 10.4.5 with Security Update 2006-001, has two local accounts, and has ssh and http open - a lot more than most Mac OS X machines will ever have open."
Permalink for comment 101938
To read all comments associated with this story, please click here.
RE: argument makes no sense
by someone on Mon 6th Mar 2006 22:39 UTC in reply to "argument makes no sense"
Member since:

However, OS X is generally used as a desktop OS and not as a Server. Most real world systems don't have any services turned on by default and many are behind NAT routers. This *mimics* (it's already more wide open than most OS X systems) the real situations better.

OpenBSD would be a fine choice for a server, but I don't people are purchasing Macs to use them as servers.

Reply Parent Score: 5