RE: OT:Mac OS X hacked in less than 30 minutes | Tech News on ZDNet

• From: "Alexandre Gauthier" <gauthiera@xxxxxxxxxxxxxxxxx>
• To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
• Date: Tue, 7 Mar 2006 08:27:19 -0500

I will agree with you on this one.

I still stand to my statement that blind zealots and fanboys of either side are 
utterly annoying.

 

________________________________

De : Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx] 
Envoyé : 7 mars 2006 08:14
À : [ISAserver.org Discussion List]
Objet : [isalist] RE: OT:Mac OS X hacked in less than 30 minutes | Tech News on 
ZDNet

 

http://www.ISAserver.org

Hi Alex,

I don't fret about Mac exploits. I just enjoy hearing this stuff because I'm so 
tired of pothead media morons and the welfare sucking minions of orthodoxy from 
the Linux camp endless spewing the sludge that "M$ sUXoRSzS34$" and isn't 
secure.

 

Instead of worrying about the facts, just think of it as a mental health break.

 

HTH,

Tom

 

Thomas W Shinder, M.D.
Site: www.isaserver.org <http://www.isaserver.org/> 
Blog: http://blogs.isaserver.org/shinder/
Book: http://tinyurl.com/3xqb7
MVP -- ISA Firewalls

 

 

________________________________

From: Alexandre Gauthier [mailto:gauthiera@xxxxxxxxxxxxxxxxx] 
Sent: Tuesday, March 07, 2006 7:06 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: OT:Mac OS X hacked in less than 30 minutes | Tech News 
on ZDNet

http://www.ISAserver.org

Well they just made the worst addendum ever :

 

Clarification: The originally published version of this report omitted the fact 
that participants were given local client access to the target computer.

 

And so, it did. I read that on Slashdot, where it gave an URL to the original 
rm-my-mac contest page, where the author itself said it wasn't really proof of 
anything.

 

And a security update has shown on my Powerbook this morning if this is of any 
relevance.

 

But, as the original article stated, the guy had installed Fink and configured 
stuff to use LDAP.

Installing fink means, "oooh, unsupported gnu and unix utilities!". And the 
Fink/OpenDarwin guys are not exactly known for a great response time to 
security advisories...

 

In the end, any operating system can be made secure, or relatively so. See 
OpenBSD over there. Sure it's dusty, boring and it's so ... unexciting that 
it's rock solid. And besides the code is thoroughly audited by thousand of eyes 
prior to release, and by "audited" I don't mean "It's open so people are bound 
to look at it", but rather "A large amount of the effort goes into auditing the 
code". Result is one single remote exploit post-install in more than eight 
years.

 

But install ugly, unmaintained crap from the ports tree and there goes all that 
effort.

 

My point is that this article is nothing to really fret about. There were other 
"hack my mac" contests of craptastic proportions in the past, but none as badly 
representative.

 

The rule is and has always been, once someone untrusted has a local account, 
all bets are off.

 

I really *really* wish people could stop being so competitive and would stop 
dissing platforms they have never really used... It lacks professionalism. I 
don't go on vitriolic diatribes against AIX because I have never used it ;) I 
don't go on such drivel against Windows either, even if it is not exactly my 
personal preference - but it still is a product that is better suited for some 
jobs. However, there is a great deal to be said about Unixware, OpenServer and 
Xenix. But that brings back the taste of bile in my mouth, so I'll stop right 
there :P

 

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as: 
gauthiera@xxxxxxxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx 

Other related posts:

• » OT:Mac OS X hacked in less than 30 minutes | Tech News on ZDNet
• » Re: OT:Mac OS X hacked in less than 30 minutes | Tech News on ZDNet
• » Re: OT:Mac OS X hacked in less than 30 minutes | Tech News on ZDNet
• » Re: OT:Mac OS X hacked in less than 30 minutes | Tech News on ZDNet
• » Re: OT:Mac OS X hacked in less than 30 minutes | Tech News on ZDNet
• » Re: OT:Mac OS X hacked in less than 30 minutes | Tech News on ZDNet
• » Re: OT:Mac OS X hacked in less than 30 minutes | Tech News on ZDNet
• » Re: OT:Mac OS X hacked in less than 30 minutes | Tech News on ZDNet
• » RE: OT:Mac OS X hacked in less than 30 minutes | Tech News on ZDNet
• » RE: OT:Mac OS X hacked in less than 30 minutes | Tech News on ZDNet
• » Re: OT:Mac OS X hacked in less than 30 minutes | Tech News on ZDNet
• » Re: OT:Mac OS X hacked in less than 30 minutes | Tech News on ZDNet
• » RE: OT:Mac OS X hacked in less than 30 minutes | Tech News on ZDNet
• » RE: OT:Mac OS X hacked in less than 30 minutes | Tech News on ZDNet
• » RE: OT:Mac OS X hacked in less than 30 minutes | Tech News on ZDNet
• » RE: OT:Mac OS X hacked in less than 30 minutes | Tech News on ZDNet

1. Home
2. isalist
3. Archive
4. 03-2006

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---