Mac OS X hacked in 30 minutes? Bullshit.
The tech media’s assailment of Mac OS X’s status as a secure computing platform continued today with another report that Mac OS X was “hacked” in less than 30 minutes.
From c|net:
“The rm-my-mac challenge was set up similar to how you would have a Mac acting as a server–with various remote services running and local access to users…There are various Mac OS X-hardening guides out there that could have been used to harden the machine, however, it wouldn’t have stopped the vulnerability I used to gain access.”
What the article alludes to but doesn't spell out is that the Mac had SSH turned on and an account set up for the attacker to log in with. The hacker is correct that the vulnerability is serious and does allow someone to gain root on the machine, but they first had to get through the front door, and in this case the front door was left wide open. This was a local privilege escalation from a shell account that was handed to the attacker, not a remote break-in.
This is the equivalent of storing your gold in your sock drawer at home and complaining that it was stolen after you handed someone your front-door key (the user account) and turned off the security system (enabling SSH access).
It is important to note that on the client version of Mac OS X, SSH (Remote Login in the Sharing pane of System Preferences) is turned off by default, as are the other remote-access services. You also don't generally set up user accounts for hackers on your system.
While the server version of Mac OS X ships with SSH turned on by default, the attacker still has to get past password authentication. Like any good security system, the entry code needs to be strong enough to resist guessing. By giving the hacker a user account, you have effectively let them in through the front door, free to roam around the house.
The real reason to be bothered is that Mac OS X is a multiuser Unix, so getting in through the front door shouldn't by itself be enough to do real damage to the system. That is where we should be concerned: this hacker logged in to a normal user's account and then proceeded to gain "root" access to the machine, claiming to have used an unpublished, unknown vulnerability to do it.
This is what bothers me about this article. It gives notoriety to a hacker who claims to be using an unknown exploit. If the hacker made the exploit known so it could be addressed, I'd have less of a problem with this. But he doesn't, and you are left to contemplate what his ulterior motives are. You are also left to wonder why the press is giving this person their 15 minutes of fame without making him (or her) verify how they gained access.
Something doesn’t smell right here.
Category: News