
Note Dai Zovi admits to being a Mac fanboy also.  Here are a few relevant
paragraphs.  I love the end, where he practically talks to Tom.  In all, he
found the flaw Friday morning, wrote the exploit in a couple hours, and then
the exploit took seconds to take down the Mac.

*At about 10 p.m., the New York City-based security expert sat down and
started looking in likely places for a serious bug that could satisfy the
challenge. Several months ago, he had done some poking around the Mac OS X's
operating system and applications looking for vulnerabilities and found a
few promising places in the software that could hide flaws, Dai Zovi said.
Checking the suspect code early Friday morning, Dai Zovi discovered a single

* "I only found one," he said. "But by later that morning, I had a working

* Despite their success, Dai Zovi and Macaulay are not maintaining that the
Mac OS X is any more or less secure than, say, a Windows Vista system or
some variant of Unix. While Macaulay uses a MacBook installed with Windows
Vista, Dai Zovi considers himself a Mac fanboy and uses Macs regularly. The
contest just shows that Mac users have to worry about vulnerabilities just
as much as other computer users, Dai Zovi said. It's a fact of life with
which all security experts are familiar, but to which some Mac users seem

* "It works. It is real. This is not something that I have made up," Dai
Zovi said. "It seems that a lot of people harbor the belief that the Mac
doesn't have these problems, but it does."*

On Thu, Jul 23, 2009 at 8:15 AM, Snyder, Mark - IdM (IS) <> wrote:

> Mike, can you defend this "couple of hours" with reference?  I recall
> reading that he spent several days or a few weeks finding the
> vulnerability and writing the exploit script before the Pwn2own
> competition (I searched, but found no reference to offer).
> Thank you,
> Mark Snyder
> -----Original Message-----
> Exactly.  He found the exploit and wrote it in a couple hours...took
> over the Mac in about as much time as it takes to go to a web page.
> Same way most Windows machines are taken over.
> *************************************************************************
> **  List info, subscription management, list rules, archives, privacy  **
> **  policy, calmness, a member map, and more at  **
> *************************************************************************
