[Space Wrangler]

Mac users are deluding themselves if they think they are immune to security issues. And when the time comes that Macs are hit hard, Apple will bear the brunt of the responsibility for fostering this false sense of security within their community. Apple has become public enemy #1 for many black hatters in no small part because of Jobs arrogant stance that his OS is immune to the security flaws, and in essence daring the black hatters to give it a go. Be careful what you ask for Steve.....

[Swordmaker]

Apple has become public enemy #1 for many black hatters in no small part because of Jobs arrogant stance that his OS is immune to the security flaws, and in essence daring the black hatters to give it a go.

Gosh. Gee whillikers, Space. Do you think those black hatters might just like to "stick a cigarette in the eyes of Mac users" to show them how unsafe they are???

That cigarette quote came from just such crackers David Maynor and Jon Ellch, who, to demonstrate the fragility of Mac's security, found it necessary to create a HOAX video of a Macbook being taken over via WIFI. The video was shown with great glee at the last Black Hat convention. They refused to tell people how they did it or to demonstrate the exploit live. It turned out they used an EXTERNAL USB WIFI card and a third party driver despite the existence of a perfectly good (and secure) built in WiFi card and drivers. They also PRE-installed a script to run on the targeted Mac.

"Daring Fireball's" John Gruber bought a brand new MacBook and challenged Maynor and Ellch to crack his out-of-the-box MacBook... if they could, it was theirs, free and clear. John Gruber still has the MacBook.

Another Mac challenge DID get hacked. A guy in Sweden put up a Mac Mini as a server and it was cracked in under 30 minutes. BUT, this idiot gave everyone wanting to "rm-my-Mac" a Local User Account, opened every port that is normally closed in a default install, and then used extremely weak passwords for his administrator account. An Australian cracker named Gwerdna (I wonder if his first name is Andrew? I also wonder how hardened his passwords are.) broke in and defaced the web site by escalating his privileges to administrator.

David Schroeder, the senior Apple systems engineer at the University of Wisconsin's IT department put up a Mac Mini as a Web server, using it straight out of the box with no firewall, no AV, nothing, bare naked, and challenged the black hatters to crack into it. Thousands of attempts were made over a period of 37 hours (the University required him to pull the challenge because of bandwidth usage) and NOT ONE SUCCEEDED.

David Schroeder . . . set up his own contest inviting security researchers and hackers to attempt to breach a Mac with open SSH and HTML ports and two user accounts. A critic of the original contest, Schroeder stressed that his challenge is more fair, but that most users will not likely even have those ports open.

"Mac OS X is not invulnerable--it, like any other operating system, has security deficiencies in various aspects of the software," Schroeder wrote. "However, the general architecture and design philosophy of Mac OS X, in addition to usage of open source components for most network-accessible services that receive intense peer scrutiny from the community, make Mac OS X a very secure operating system." - Source.

I think it is safe to say that the "black hatters" have given it a go and have failed miserably. Six years and counting... no malware!

[antiRepublicrat]

Apple has become public enemy #1 for many black hatters in no small part because of Jobs arrogant stance

So what is it? Do the black hatters ignore OS X because of its marketshare, or are they intent on nailing OS X because of Apple's arrogance?

[Leonard210]

Apple has become public enemy #1 for many black hatters in no small part because of Jobs arrogant stance that his OS is immune to the security flaws, and in essence daring the black hatters to give it a go. Be careful what you ask for Steve.....

It is my understanding that no one, I repeat NO ONE, hacks a Mac because no one cares about their paltry market share. It's called "security by obscurity" and is proved to be the REAL reason that Macs haven't been hacked. That said, when did the tide turn. I mean, at what point did the "black hatters" decide to take a shine to Apple. The "arrogant stance" you refer to is not new. So what REALLY got to these guys? I believe, my dear Space Wrangler, that have unknowingly stumbled onto a conspiracy of monumental proportions. This "black hatter" community MUST have been bought off for the past six years. Yet, how did Jobs do it? It boggles, I tell ya'. (BTW, when the Big One hits, it will be a drop in the bucket compared to the sheer volume of security issues faced by Windows users. I run both and I MUST run anti-virus and all sort of system protection gadgets to assure a clean Windows system. We may need it on the Mac some day, but it will take a deluge of attacks to ever approach what MS has wrought.)

[for-q-clinton]

Gotta read what Swordmaker finally confirmed...Mac has some exploits available. Looks like you and I were right...who knew you'd be proven so right so quickly?