"Gaining root access to a Mac is 'easy pickings,' according to an individual who won an OS X hacking challenge last month by gaining root control of a machine using an unpublished security vulnerability," reports ZD Net.
A user in Sweden put a Mac Mini onlne and invited people to hack it. "Gwerdna", the winning hacker, said: "Mac OS X is easy pickings for bug finders. That said, it doesn't have the market share to really interest most serious bug finders."
However, according to Slashdot, would-be hackers were allowed access via SSH, so it wasn't a locked-down machine.
Comment: There isn't a mass market for Mac hacks, but Mac security consultants are considered fair game. One recent example was at the recent ShmooCon hacking conference, where "one security researcher found out the hard way that such venues can be hostile, when an unknown hacker took control of the researcher's computer, disabling the firewall and starting up a file server," reports Security Focus.
The victim ... had locked down the system prior to the conference and believes that a previously unknown exploit caused the compromise. However, in the following weeks, forensics performed on the system did not reveal any clues as to how the PowerBook had been compromised.
"The machine was as hardened as best practices could suggest for anyone," the researcher said. The person who breached the PowerBook used information gathered from the computer to contact a friend of the researcher and bragged about the compromise.
