“At the recent ShmooCon hacking conference, one security researcher found out the hard way that such venues can be hostile, when an unknown hacker took control of the researcher’s computer, disabling the firewall and starting up a file server,” Robert Lemos writes for SecurityFocus. “While such compromises have become common in the Windows world, this time the computer was a Apple PowerBook running the latest version of Mac OS X. The victim, a security researcher who asked to remain anonymous, had locked down the system prior to the conference and believes that a previously unknown exploit caused the compromise. However, in the following weeks, forensics performed on the system did not reveal any clues as to how the PowerBook had been compromised.”
MacDailyNews Take: Not a clue. An anonymous security researcher. How mysterious! How intriguing! An “unknown exploit?” Shocking. Yawn.
Lemos continues, “The compromise underscores a number of trends that has already caused a shift in focus among flaw finders and could result in more attacks on Mac OS X. Security researchers themselves have moved over to Apple computers in the past few years and have learned the ins and outs of the operating system. The company’s move to Intel-based hardware for its next-generation of Macs also gives flaw finders familiar territory in which to look for bugs. Finally, as Apple continues to garner more market share, the lure of a larger set of targets will make attacks more likely, say security researchers. ‘This is almost certainly the year of the OS X exploit,’ said Jay Beale, a senior security consultant for Intelguardians and an expert in hardening Linux and Mac OS X systems. ‘The OS X platform may be based on a Unix platform, but Apple seems to be making mistakes that Unix made, and corrected, long ago.'”
Blah. blah. blah. The piece continues rehashing and attempting to dress up a bunch of stuff to disguise its lack of substance. We won’t bore you with any more of it here. If you wish, Lemo’s piece — and we do mean “piece” — continues here.
[Thanks to MacDailyNews reader “Qka” for the link.]
MacDailyNews Note: Did you know that SecurityFocus was acquired by Symantec Corporation (see related articles below) in the fall of 2002? According to the SecurityFocus website, “Part of the purchase agreement was to keep SecurityFocus as an independent Website that is not influenced by Symantec corporate policies or products. The SecurityFocus Website retains full editorial discretion for all content and remains a vendor-neutral voice for the security community.” You can decide for yourself if you believe that or not.
• MacBook Pro. The first Mac notebook built upon Intel Core Duo with iLife ’06, Front Row and built-in iSight. Starting at $1999. Free shipping.
• iMac. Twice as amazing — Intel Core Duo, iLife ’06, Front Row media experience, Apple Remote, built-in iSight. Starting at $1299. Free shipping.
• iMac and MacBook Pro owners: Apple USB Modem. Easily connect to the Internet using dial-up service. Only $49.
• iPod Radio Remote. Listen to FM radio on your iPod and control everything with a convenient wired remote. Just $49.
• iPod. 15,000 songs. 25,000 photos. 150 hours of video. The new iPod. 30GB and 60GB models start at just $299. Free shipping.
• Connect iPod to your television set with the iPod AV Cable. Just $19.
Related MacDailyNews articles:
eWeek: Intel transition a ‘security non-issue’ for Apple Mac – January 30, 2006
Why pay Symantec for flawed ‘security’ app designed to protect Apple Macs from nonexistent threats? – December 27, 2005
‘Highly critical’ flaw in discovered in Symantec AntiVirus for Mac OS X – December 21, 2005
Why Symantec’s ‘scare tactics’ don’t worry Mac users – September 28, 2005
$500 bounty offered for proof of first Apple Mac OS X virus – September 27, 2005
Symantec details flaws in its antivirus software – March 30, 2005
Motley Fool writer: ‘I’d be surprised if Symantec ever sells a single product to a Mac user again’ – March 24, 2005
Symantec cries wolf with misplaced Mac OS X ‘security’ warning – March 23, 2005
Symantec’s Mac OS X claims dismissed as nonsense, FUD – March 22, 2005
Symantec warns about Mac OS X security threat – March 21, 2005