Linked by Thom Holwerda on Mon 6th Mar 2006 15:52 UTC, submitted by netpython
Mac OS X Gaining root access to a Mac is 'easy pickings', according to an individual who won an OS X hacking challenge last month by gaining root control of a machine using an unpublished security vulnerability. On February 22, a Sweden-based Mac enthusiast set his Mac Mini as a server and invited hackers to break through the computer's security and gain root control, which would allow the attacker to take charge of the computer and delete files and folders or install applications. Within hours of going live, the 'rm-my-mac' competition was over. The challenger posted this message on his Web site: "This sucks. Six hours later this poor little Mac was owned and this page got defaced".
Thread beginning with comment 101858
To read all comments associated with this story, please click here.
Missing the point
by JoeBuck on Mon 6th Mar 2006 18:55 UTC
JoeBuck
Member since:
2006-01-11

Yes, it is correct that the owner granted SSH access, and the cracker then used a local privilege escalation exploit. But the point you're missing is that because the black hats have a number of such exploits available, getting a user to run a trojan gives the bad guy root. It's one half of a two-stage attack: first get access as an ordinary user (trick the user into executing some code, by a trojan or a buffer overflow exploit). Then the bad guy is an ordinary user. The second step is to get root. So don't think that because you don't allow remote SSH access, that you are safe.

Mac users should demand that Apple be more aggressive about fixing security bugs. Apple hasn't been as aggressive as they need to be because their customer base is complacent.

Reply Score: 5

RE: Missing the point
by someone on Mon 6th Mar 2006 23:36 in reply to "Missing the point"
someone Member since:
2006-01-12

I agree with the second part: Apple need to be more aggressive about fixing security bugs. They should also find better ways to address social engineering attacks (for example, making it easier to distinguish between a file and an application package).

However, you should also notice that many Macs are behind a router and/or ipfw.

Reply Parent Score: 1

RE[2]: Missing the point
by Beryllium on Tue 7th Mar 2006 01:55 in reply to "RE: Missing the point"
Beryllium Member since:
2005-07-08

Wow, way to miss the point a second time.

Reply Parent Score: 1