New OS X flaw puts Macs at hacker risk too
1st Aug 2009 | 05:19
Safari can be used to get at even encrypted data remotely
While the iPhone SMS security vulnerability has been hogging the headlines this week, it also emerged from the same conference that Mac OS X is at risk too.
Speaking at the Black Hat security event, Mac expert Dino Dai Zovi exposed an OS X coding loophole by installing a rootkit that could give hackers complete control of a Mac, allowing them to take even encrypted data from the other side of the world.
Bank accounts exposed
The 'Machiavelli' technique relies on using the Safari browser to get hold of encrypted data such as bank accounts and other personal information.
Dai Zovi explained his motivation in helping Apple work on better securing its machines, warning that hackers need only target OS X computers for general the Mac security complacency to dissolve into a serious problem.
"There is no magic fairy dust protecting Macs," he pointed out, while another security expert added, "When the malware authors put out something that's really sophisticated we are going to have a whole population that is really vulnerable."