Patched Mac holed in 30 minutes

Apple's Mac operating system may not be awash with viruses just yet, but hacking it seems to be a more straightforward proposition.

In the latest example, a hacker claims to have taken half an hour to gain full access to a fully patched Mac server put online for a cracking competition.

Late last month, a Swedish Mac enthusiast put a Mac Mini online and invited the general public to attempt to gain access and wipe the system's hard drive - to "rm" it, in reference to a Unix command for removing files and directories.

The administrator, who wishes to remain anonymous, said someone had attained root access within about two hours. "I was kind of shocked to see it was hacked this quick," he told Techworld.

Four hours later, a hacker going by the handle "gwerdna" defaced the home page of the "rm-my-mac" competition. The administrator noted that the contest is still technically going, since no one has yet wiped the Mac's hard disk.

Gwerdna needed only half an hour to crack the system, taking advantage of an unpublished security flaw in OS X - one of many, according to the administrator. "There are virtually loads of them, both in the kernel and in userland," he said. He is familiar with the flaw gwerdna used, but doesn't intend to disclose it to Apple or anyone else, he said.

Though a fan and heavy user of OS X, the administrator admitted the operating system contains a large number of serious, unpatched flaws that have never been reported to Apple. He said some of these are old BSD Unix bugs that have been patched in BSD but not in OS X, which is based on BSD.

"Whether a bug is reported or not depends entirely on the person who finds it," he said. "Some people who find bugs do report them to the vendor, and some do not. There's really not much to win by reporting a security hole to Apple, or any other vendor for that matter."

Security vendors say the Mac has escaped the widespread security problems that plague Windows largely because of its small market share, rather than because it is inherently secure. The rm-my-mac administrator noted that there are some ways of locking down systems such as BSD or Linux that aren't available for OS X.

However, attackers are getting more interested in the platform. At the recent ShmooCon in Washington D.C., a prominent security researcher found that their Mac had been cracked into, according to a report from SecurityFocus.

The attacker set up a file server on the system, and used information culled from the Mac to contact one of the researcher's friends and brag - but no trace was found as to how the attack had been carried out, the report said.

Last month, two viruses appeared aimed at the Mac platform in the space of a week. Shortly afterward, researchers warned of a bug that could be used to execute malicious code automatically via the Safari browser.

Security researchers have been warning for some time that the Mac isn't as secure as people think, and that Apple isn't responsive or open enough in its approach to the issue.

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.
Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Matthew Broersma
Show Comments

Brand Post

Most Popular Reviews

Latest Articles


PCW Evaluation Team

Luke Hill


I need power and lots of it. As a Front End Web developer anything less just won’t cut it which is why the MSI GT75 is an outstanding laptop for me. It’s a sleek and futuristic looking, high quality, beast that has a touch of sci-fi flare about it.

Emily Tyson

MSI GE63 Raider

If you’re looking to invest in your next work horse laptop for work or home use, you can’t go wrong with the MSI GE63.

Laura Johnston

MSI GS65 Stealth Thin

If you can afford the price tag, it is well worth the money. It out performs any other laptop I have tried for gaming, and the transportable design and incredible display also make it ideal for work.

Andrew Teoh

Brother MFC-L9570CDW Multifunction Printer

Touch screen visibility and operation was great and easy to navigate. Each menu and sub-menu was in an understandable order and category

Louise Coady

Brother MFC-L9570CDW Multifunction Printer

The printer was convenient, produced clear and vibrant images and was very easy to use

Edwina Hargreaves

WD My Cloud Home

I would recommend this device for families and small businesses who want one safe place to store all their important digital content and a way to easily share it with friends, family, business partners, or customers.

Featured Content

Product Launch Showcase

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?