Tuesday, March 7, 2006 |
13:42 - Mac OS X HAX0R3D in 30 MINS!!!11oneone (if they create a shell account for you)
http://www.tuaw.com/2006/03/07/another-look-at-mac-os-x-security/
|
(top) |
Damien Barrett pokes a neat hole in the recent claim that an OS X machine was trivially cracked. Namely, the owner of the target machine set up a script to create shell accounts on demand so hackers could SSH in and try local exploits. Local. Not remote.
True, local exploits suck and should be fixed. But this is no bombshell that Mac OS X is remotely exploitable out of the box. Hell, SSH access is even disabled by default, so even legitimate remote access isn't possible out of the box.
Keep trying, guys. Though with all the recent press, it certainly does seem as though Mac OS X has become a higher-profile target—it's actually an attractive proposition all of a sudden to want to be "the guy who cracked the Mac"...
|
|