the Mac mini is one tuff cookie
I was super relieved to hear that the supposed OSX Hack was missleading and even more so when I read this.
Pass this on to those who think we, the Mac users, are only safe due to small market share.
the TRUE Hacker test
edit:
link to original "30 min hack"
have a great day team.
flick.
Pass this on to those who think we, the Mac users, are only safe due to small market share.
the TRUE Hacker test
edit:
link to original "30 min hack"
have a great day team.
flick.
Comments
Originally posted by Flick Justice
I was super relieved to hear that the supposed OSX Hack was missleading and even more so when I read this.
Pass this on to those who think we, the Mac users, are only safe due to small market share.
the TRUE Hacker test
edit:
link to original "30 min hack"
have a great day team.
flick.
How do you mean misleading? That it was just a student who put the Mac up for a test?
Unless the actual story is false, it looks to me like some average user set up his Mini for a web server and it was hacked in half an hour.
Irrespective of how it was configured, the hacker had said that he gained access by a vulnerability in OS X.
Not that I'd take anything solid from such a test, I just want to establish whether or not OS X has known and dangerous vulnerabilities.
Participants were given local client access to the target computer
Note, this is the key line in the article! The supposed hacker already had initial access to the Mini through a user account.
Move along folks, nothing to see here....
Originally posted by Marvin
Unless the actual story is false, it looks to me like some average user set up his Mini for a web server and it was hacked in half an hour.
Bzzzt.
The guy who set up the server gave anyone who asked their own account on it. The hacker *had an account* on the server. What he did was an internal escalation of user privileges, not a cracking of the server from outside.
Very, very different.
It's not *good* to have such holes, obviously, but it's a whole other class of problem than "30 minutes on the web and it was h@x0r3d!"
Which it wasn't.
Originally posted by Kickaha
Bzzzt.
The guy who set up the server gave anyone who asked their own account on it. The hacker *had an account* on the server. What he did was an internal escalation of user privileges, not a cracking of the server from outside.
Very, very different.
Ah, I see. That's what the original poster should have said. Maybe that link explained it before it went down.
Look at me! My Mac got hacked, but I am not going to tell anybody how it was done! Come on, anybody could claim that. With no proof of any kind being provided, the odds are this is a hoax.