[ShadowAce]

[js1138]

placemarker

[ShadowAce]

This thread seems to be a dupe.

[Element187]

oh no.. the almighty mac is not as secure as we once thought!

thats funny, i work information security, i've been predicting this for the past 2 years.

[antiRepublicrat]

The equivalent here is setting up your XP box as a server with a bunch of services turned on.

The report is slightly troubling, but it would be more interesting if he'd actually set up OS X Server with normal SOP to lock it down to a real-world role.

[Terpfen]

Gotta love how the tech rags have been going after OS X lately.

[SengirV]

This is a joke. This 'tard issued accounts on the machine to anyone who asked. AND MORE IMPORTANTLY, he left SSH open on his machine fir people to login.

This article can be discounted.

[Terpfen]

Mac ping.

[patriot_wes]

"he exploited a vulnerability that has not yet been made public or patched by Apple."

Oh that's gotta make you guys feel comfortable!

[ikka]

I think that "gwerdna" might actually be someone called Andrew G, what do you think?

[RogueIsland]

"Mac OS X is easy pickings for bug finders. That said, it doesn't have the market share to really interest most serious bug finders," added gwerdna.

Ouch. Or should I say PWNED! I still think OS X is a slick OS though.

[Publius6961]

"Mac OS X is easy pickings for bug finders. That said, it doesn't have the market share to really interest most serious bug finders," added gwerdna.

BWA HA HA HAAAAAAAAAA !

Lies, lies, more lies!
It's because it's superior dontchaknow...
OK how about prettier and gay... ?

[rzeznikj at stout]

It sounds like this guy invited random folks to his computer and said "Hack into it. The First one Wins" But the article's tone comes out to be a hit piece on Macs instead of pointing out that while the OS was compromised, the guy let people into his computer as users--then enabling the users to steal his root password.

In any case, OSX is still more secure than Windows, Case in point to consider: if the same exact stunt was done to a Windows box, said Windows box would've been hacked in a few minutes without any problem.

[dennisw]

Hahahahah. I will never ever buy a Mac. I don't need the ego boosting, the bragging rights and the additional hardware & software expenses. Though Apple products seem more idiot proof than WinTel machines so I would recommend them to certain people. I just bought a new LCD monitor that runs on DVI so I'll probably get a DVI video card. That's what I prefer to blow my money on. Not these silly Apple Imacs though these new dual core Intel machines should make the Apple crowd very happy ------>>>>

Hot! Amazon - Apple iMac with Intel Duo Core and 17" LCD - $125 Rebate, Shipped Free, No Tax to Most States! (Posted by: Leon)
It`s definitely better to buy these from Amazon rather than Apple.com. The $125 rebate is pretty slick too!

• Apple iMac Desktop with 17" Display MA199LL/A (1.83 GHz Intel Core Duo, 512 MB RAM, 160 GB Hard Drive, SuperDrive) for $1299.99 - $125 Rebate = $1174.99 shipped free! APPLE IMAC DESKTOP 17" LCD 1.83GHZ SALE
• Apple iMac Desktop with 20" Display MA200LL/A (2.0 GHz Intel Core Duo, 512 MB RAM, 250 GB Hard Drive, SuperDrive) for $1699.99 - $150 Rebate = $1549.99 shipped free! APPLE IMAC DESKTOP 20" LCD 2.0GHZ SALE

[dinodino]

This was an idiotic test and totally unrealistic. How unsurprising that if you give hackers shell accounts, they can get root!

Of course, the Windows fanatics will latch onto this as "proof" that Macs are as insecure is Windows, which is absolutely false.

[Swordmaker]

Mac Hacked in under 30 minutes - Thread 1 - PING!

If you want on or off the Mac Ping List, Freepmail me.

[impatient]

I can't quite figure out how "gwerdna" is an anagram for William H Gates III.

Though it does spell "red wang".

[amigatec]

It really amazes me that some people believe this report.

Lets look at what we do know about this.

1. The version of OS X used was a client version.
2. The server stuff was added.
3. The hackers were given ssh access.

Now lets look at what is not known.

1. What was the patch level?
2. Was the server stuff even set up up right?
3. How much of a shell were these guys given?

There is a good possibility that the server stuff was downloaded from who knows where.

What where the permissions set to?
What was the real name of the hacker?
What unknown exploit was used?

There simply is not enough info to go on.

Until these questions are answered, I am going to throw this report in the trash.