Hack a Mac for fame
vnunet.com, 07 Mar 2006
The University of Wisconsin has launched a competition in which hackers are challenged to break into an OS X system connected to the internet.
"Mac OS X is not invulnerable. Like any other operating system, it has security deficiencies in various aspects of the software," claimed Dave Schroeder, the competition's organiser.
"However, the general architecture and design philosophy of Mac OS X, in addition to the use of open source components for most network-accessible services that receive intense peer scrutiny from the community, make Mac OS X a very secure operating system."
Schroeder is a systems administrator at the University of Wisconsin where he manages both OS X and Unix systems.
His challenge was launched in response to a similar competition last month in which a blogger created user accounts for contestants on a Mac Mini and challenged them to hack into the system by defacing a website.
A hacker by the name of 'Gwerdna' claimed to ZDNet Australia that he won the competition, boasting that the operating system was "easy pickings" and that it took him no more than 30 minutes.
The story made the headlines on Monday, but incorrectly presented the penetration as a 'genuine hack' when it should have been described as a 'privilege escalation for a legitimate user'.
A privilege escalation is similar to breaking into a different user account while sitting behind a computer and is considered significantly easier then hacking into a fully protected system over the internet.
The failure to make this difference prompted Schroeder to describe the ZDNet Australia report as "woefully misleading".
A spokesman for Apple did not return vnunet.com's phone calls seeking comment.
The University of Wisconsin's challenge provides contestants with a URL for the system that they need to hack.
The system is a Mac Mini running the latest version of OS X as well as all the latest security updates. It has been configured with two local user accounts and has SSH and HTTP open. The latter are not typical settings for an average user, according to Schroeder.
Contestants who claim to have succeeded in hacking the system must provide details about how they breached the security walls, which will be provided to Apple. The winner gets a claim to fame, but no material price.
All-expenses paid trips to Worldwide Developer Conference 2006
'Home stereo reinvented for the iPod age,' trumpets Jobs
Remote access - Three steps to getting connected
3.4 million UK professionals now work from home – is your company equipped?
Cost benefits of a global collaboration network
This white paper is a must read for organisations looking for evidence of the bottom-line benefits of high-definition video and voice communications
Keep up to date with the latest products, services and technologies from the world's leading IT companies; IThound.com brings you over 6,000 white papers, case studies and analyst reports.
We chat to Mike Maddison, UK head of Security, Privacy...
Update designed to give mobile users a richer, more personalised...
More thoughts on how servers can help manage overload
Do you agree?
Have your say on this article