Security consultant: ‘This is almost certainly the year of the OS X exploit’

“At the recent ShmooCon hacking conference, one security researcher found out the hard way that such venues can be hostile, when an unknown hacker took control of the researcher’s computer, disabling the firewall and starting up a file server,” Robert Lemos writes for SecurityFocus. “While such compromises have become common in the Windows world, this time the computer was a Apple PowerBook running the latest version of Mac OS X. The victim, a security researcher who asked to remain anonymous, had locked down the system prior to the conference and believes that a previously unknown exploit caused the compromise. However, in the following weeks, forensics performed on the system did not reveal any clues as to how the PowerBook had been compromised.”

MacDailyNews Take: Not a clue. An anonymous security researcher. How mysterious! How intriguing! An “unknown exploit?” Shocking. Yawn.

Lemos continues, “The compromise underscores a number of trends that has already caused a shift in focus among flaw finders and could result in more attacks on Mac OS X. Security researchers themselves have moved over to Apple computers in the past few years and have learned the ins and outs of the operating system. The company’s move to Intel-based hardware for its next-generation of Macs also gives flaw finders familiar territory in which to look for bugs. Finally, as Apple continues to garner more market share, the lure of a larger set of targets will make attacks more likely, say security researchers. ‘This is almost certainly the year of the OS X exploit,’ said Jay Beale, a senior security consultant for Intelguardians and an expert in hardening Linux and Mac OS X systems. ‘The OS X platform may be based on a Unix platform, but Apple seems to be making mistakes that Unix made, and corrected, long ago.'”

Blah. blah. blah. The piece continues rehashing and attempting to dress up a bunch of stuff to disguise its lack of substance. We won’t bore you with any more of it here. If you wish, Lemo’s piece — and we do mean “piece” — continues here.

[Thanks to MacDailyNews reader “Qka” for the link.]

MacDailyNews Note: Did you know that SecurityFocus was acquired by Symantec Corporation (see related articles below) in the fall of 2002? According to the SecurityFocus website, “Part of the purchase agreement was to keep SecurityFocus as an independent Website that is not influenced by Symantec corporate policies or products. The SecurityFocus Website retains full editorial discretion for all content and remains a vendor-neutral voice for the security community.” You can decide for yourself if you believe that or not.

MacBook Pro. The first Mac notebook built upon Intel Core Duo with iLife ’06, Front Row and built-in iSight. Starting at $1999. Free shipping.
iMac. Twice as amazing — Intel Core Duo, iLife ’06, Front Row media experience, Apple Remote, built-in iSight. Starting at $1299. Free shipping.
iMac and MacBook Pro owners: Apple USB Modem. Easily connect to the Internet using dial-up service. Only $49.
iPod Radio Remote. Listen to FM radio on your iPod and control everything with a convenient wired remote. Just $49.
iPod. 15,000 songs. 25,000 photos. 150 hours of video. The new iPod. 30GB and 60GB models start at just $299. Free shipping.
Connect iPod to your television set with the iPod AV Cable. Just $19.

Related MacDailyNews articles:
eWeek: Intel transition a ‘security non-issue’ for Apple Mac – January 30, 2006
Why pay Symantec for flawed ‘security’ app designed to protect Apple Macs from nonexistent threats? – December 27, 2005
‘Highly critical’ flaw in discovered in Symantec AntiVirus for Mac OS X – December 21, 2005
Why Symantec’s ‘scare tactics’ don’t worry Mac users – September 28, 2005
$500 bounty offered for proof of first Apple Mac OS X virus – September 27, 2005
Symantec details flaws in its antivirus software – March 30, 2005
Motley Fool writer: ‘I’d be surprised if Symantec ever sells a single product to a Mac user again’ – March 24, 2005
Symantec cries wolf with misplaced Mac OS X ‘security’ warning – March 23, 2005
Symantec’s Mac OS X claims dismissed as nonsense, FUD – March 22, 2005
Symantec warns about Mac OS X security threat – March 21, 2005


  1. One more thing®

    I hate to admit it. But since this is an American company owned by $ymantec also American, the only way to clamp down on this kind of FUD and manipulation is a law suite. In the fine tradition of all such action.

    This scam is just like someone trying to manipulate the market by poisoning Tylenol.

  2. Really, MDN. I am fed up with your “takes” that barely disguise the accusation that Symantec is outrightly lying when it talks about possible security vulnerabilities in OS X.

    If you’re so sure of everything you claim, then walk the walk – put one of your OS X servers directly on the Internet, with no hardware firewall to protect it, and send an open invitation to Symantec and anyone else to try to hack it if they can.

    I dare you.

    I _double_ dare you.

    What’s the matter. Chicken?

  3. It is possible to gain control of an Admin account in OS X Tiger. You get the blonde bimbo from Hooters to lull the Security Expert into a stupor, gain access to the bottom of the powerbook where the password is written on a stickie (usually “pencil”).

    You then wake the Powerbook, probably no password needed, turn off the firewall and start up the mythical file server.

    It’s quite simple, actually. The blonde bimbo steps away, the Security Expert is now fully aware, but has been hacked with no trace of the caper for the “forensics” to discover.

  4. Hmmm…. once again, the whole notion that the Intel chip itself allows security compromises is mentioned. Interesting…..

    Also, MS douche bag, my Mac was on the Internet for 6 months before I realized the firewire was not turned on… no compromises. None. Try THAT with your piece of crap Microshaft machine.

  5. ‘The OS X platform may be based on a Unix platform, but Apple seems to be making mistakes that Unix made, and corrected, long ago.’

    What is he trying to say here? Did Apple take up UNIX only to leave all the good security bits out? Why would Apple not have used the corrected versions? This whole sentence is contradictory, it makes no sense!

    I am not a techie, just a dedicated Mac user, sooooooo, can anyone else work out what the hell he was trying to say, and, is there really any future problems for us?

    The whole security issue is really muddy at the moment, with all thees conflicting views.


  6. Happy Mac said:

    “Also, MS douche bag, my Mac was on the Internet for 6 months before I realized the firewire was not turned on…”

    The firewire?

    ” width=”19″ height=”19″ alt=”wink” style=”border:0;” />

  7. Evil_MS_User – it’s already been done. Rewards have been offered and contests have been run and – *surprise* – no one has been able to come up with a viable exploit. So, as with ALL computer systems, you can use social engineering to find the password written on a stickie (as noted above), but until you can find us an exploit in the wild, you’ve got no proof that Symantic isn’t lying.

    Why don’t you put your money where your mouth is and challenge MDN to a bet. Put up some funds against theirs and make it worth their while. They can put a server on the internet and see if it gets hit. If not, you pay up. Maybe we can get them to take down some of these damn ads since you’ll obviously be funding this site.

  8. What is up with everyone responding to this thread so late?

    Don’t you have a life?

    It’s moments like this that make me miss Sputnik…

    *Yawn* Back to my iPod bed…

    MDN Magic Word “wake” as in wake me up in the morning…

Reader Feedback

This site uses Akismet to reduce spam. Learn how your comment data is processed.