Myth crushed as hacker shows Mac break-in

[Baliw]

A hacker managed to break into a Mac and win a $10,000 prize as part of a contest started at the CanSecWest security conference in Vancouver.

 

In winning the contest, he exposed a hole in Safari, Apple's browser. "Currently, every copy of OS X out there now is vulnerable to this," said Sean Comeau, one of the organizers of CanSecWest.

 

Read more here

[bwhsh8r]

hahahha..... well, i shouldnt comment as this is still better than ie.... but still.... it proves its not invincible, sorry to all you vunerable mac-folk

[Suzuka]

"You see a lot of people running OS X saying it's so secure, and frankly, Microsoft is putting more work into security than Apple has,"

which is why there are an uncountable number of viruses

[A Nonny Moose]

Yep, it's not invincible. I don't think there's any debate. But neither is Windows. And neither is Linux in any flavor. The numbers still say that the extreme majority of attacks (over 90%) are targeted toward Windows though.

 

ALSO, the original contest couldn't be won for some odd reason (with the same tired wireless attack). So the sponsor changed the rules to a browser based attack (which can be done in any OS) so they wouldn't be embarassed by this "major event to hack OS X."

 

ALSO, when perusing the comments section (which is invaluable), I found this:

 

InfoWorld might want to pull this story, since it has now been reported, they bent the rules to make this hack work: From CNET: "The successful attack on the second and final day of the contest required participants to surf to a malicious Web site using Safari--a type of attack familiar to Windows users. CanSecWest organizers relaxed the rules Friday after nobody at the event had breached either of the Macs on the previous day." So it wasn't a break-in as first believed... which is "priceless" since it shows OSX remains unhacked.

[A Nonny Moose]

In fact, why can't we have a challenge right here at InsanelyMac? One of the new owners can set up four (as close as possible) identical systems, and:

 

1. One has Windows on it with a "regular" not-admin account

 

2. One has OS X (legal) with a regular account

 

3. One is a Hackintosh

 

4. One has some flavor of Linux

 

And we can all see which one gets more attacks (attack meaning gaining root access)

[TvvqKMZ72bsklauw5]

lol, they were about to give away a Mac to the first person who could hack it.

 

NO OS is invisble to attack, granted that the computer is connected to the internet. I still would like someone to say what exactly the vulnerability in Safari was and what the web address was.

[bxsci(macuser)]

unfortunatly in the real world there are no rules that cant be broken or bent - a hacker will hack without checking a law book

[Dainix]

If it can be built, it can also be broken.

[Takuro]

Nobody ever said Macs weren't hackable. The only claim is that there are less exploits for OS X than there are for Windows. When you take into consideration that hackers will proportionately tend to go for the operating system with the biggest market share, this isn't surprising.

 

Well, that's not completely true. OS X is based on Unix. No hacker in their right mind would hack Unix, because most web servers are based on it, and the internet as a whole could collapse if enough things were exploited. That doesn't rule things out completely, but it helps Mac's security to some extent also.