Linked by Thom Holwerda on Mon 6th Mar 2006 21:59 UTC, submitted by crispoe
Mac OS X "In response to the woefully misleading ZDnet article, 'Mac OS X hacked under 30 minutes', the academic Mac OS X Security Challenge has been launched. The ZDnet article, and almost all of the coverage of it, failed to mention a very critical point: anyone who wished it was given a local account on the machine (which could be accessed via ssh). The challenge is as follows: simply alter the web page on this machine, test.doit.wisc.edu. The machine is a Mac mini (PowerPC) running Mac OS X 10.4.5 with Security Update 2006-001, has two local accounts, and has ssh and http open - a lot more than most Mac OS X machines will ever have open."
Permalink for comment 101965
To read all comments associated with this story, please click here.
RE: local account
by Deviate_X on Mon 6th Mar 2006 23:29 UTC in reply to "local account"
Deviate_X
Member since:
2005-07-11

"Why are so many people quick to defend Apple, when there's a good amount of evidence security researchers are picking OSX"

I remember the first editions of OSX where one could take ‘root’ and take down the kernel with simple commands (http://www.google.co.uk/search?hl=en&safe=off&q=osx+privilege+escal...).

Despite this there are many in the apple community continually promoting the idea that OS X is practically invulnerable.

Edited 2006-03-06 23:31

Reply Parent Score: 4