This story was printed from ZDNet Story
URL: http://news.zdnet.co.uk/software/mac/0,39020393,39256036,00.htm
Mac
hacking competition winner mocks Apple security Gaining root access to a Mac is "easy
pickings", according to an individual who won an OS X hacking challenge
last month by gaining root control of a machine using an unpublished security
vulnerability. On 22 February, the Sweden-based Mac enthusiast set up
his Mac Mini as a server and invited hackers to break through the computer's
security and gain root control, which would allow the attacker to take charge
of the computer and delete files and folders or install applications. Participants were given local client access to the
target computer and invited to try their luck. Within hours of going live, the "rm-my-mac"
competition was over. The challenger posted this message on his Web site:
"This sucks. Six hours later, this poor little Mac was owned, and this
page got defaced." The hacker who won the challenge, who asked ZDNet "It probably took about 20 or 30 minutes to get
root on the box. Initially, I tried looking around the box for certain
misconfigurations and other obvious things, but then I decided to use some
unpublished exploits — of which there are a lot for Mac OS X,"
Gwerdna told ZDNet Australia. According to Gwerdna, the hacked Mac could have been
better protected, but it would not have stopped him because he exploited a vulnerability
that has not yet been made public or patched by Apple. "The rm-my-mac challenge was set up similar to
how you would have a Mac acting as a server — with various remote
services running and local access to users... There are various Mac OS X-hardening
guides out there that could have been used to harden the machine, however, it
wouldn't have stopped the vulnerability I used to gain access. There are only
limited things you can do with unknown and unpublished vulnerabilities. One is
to use additional hardening patches — good examples for Linux are the PaX
patch and the Grsecurity patches. They provide numerous hardening options on
the system and implement nonexecutable memory, which prevent memory-based
corruption exploits," Gwerdna said. Gwerdna concluded that OS X contains "easy
pickings" when it comes to vulnerabilities that could allow hackers to
break into Apple's operating system. "Mac OS X is easy pickings for bug finders. That
said, it doesn't have the market share to really interest most serious bug
finders," Gwerdna added. OS X has come under fire in recent weeks with the
appearance of two pieces of malware and a number of serious security flaws,
which have since been patched by the Mac maker. In January, security researcher Neil Archibald, who
has already been credited with finding numerous vulnerabilities in OS X, told
ZDNet "The only thing which has kept Mac OS X
relatively safe up until now is the fact that the market share is significantly
lower than that of Microsoft Windows or the more common Unix platforms... If
this situation was to change, in my opinion, things could be a lot worse on Mac
OS X than they currently are on other operating systems," Archibald said
at the time. An Apple Australia representative said on Monday that
the company was unable to comment at this stage. Representatives at Apple's Have a great day!
|
- [info-tech] Microsoft Learning Gateway Framework Summit Kathy Petersen
- [info-tech] Mac hacking competition winner mocks Apple... Rex Peterson