[trashcanbred]

Business Week weighs in on the hacked Mac Mini story and gets it right... its FUD.

Well... it isn't complete FUD... the machine was still rooted through priveledge escalation.

These kinds of "privilege escalation" vulnerabilities have cropped up on the Mac over the years and date back decades to FreeBSD, the variant of Unix on which Mac OS X is based.

I don't call that FUD at all do you?

[Shalom Israel]

Well... it isn't complete FUD... the machine was still rooted through priveledge escalation.

True. But in the security biz, there's a big difference between a "local" and a "remote" vulnerability. A local vulnerability can only be exploited by a user with login privileges--i.e., the computer's owner, or someone authorised by the owner to use the machine. A remote vulnerability, on the other hand, can be exploited by any random shmoe in Chechnya.

When people say Windows is "vulnerable", they mean that within a minute of connecting a new machine to the Internet, you're probably already infested with viruses and pwned by a Russian spammer. Nothing like that is remotely true of a Mac; you can connect an out-of-the-box Mac to the internet with essentially no fear.

[Swordmaker]

Well... it isn't complete FUD... the machine was still rooted through priveledge escalation.

Was it? Where is the proof. Nothing has been posted that proves this ever happened. We have two guys who claim it... but both are unwilling to provide either proof or methodology.

[dyed_in_the_wool]

Well... it isn't complete FUD... the machine was still rooted through priveledge escalation.

With a local account and SSH access. So they put the keys on the table and left the front door open and there is shock SHOCK! that someone |-|4XX0r3d the system. Please. I'm sure there are security vulns in OS X, but this was not a real test.