Hackers reveal Apple security flaw

Last updated 11:41 30/07/2009

Relevant offers

Gadgets

Review: Acer Aspire S3 Review: Sony Ericsson Xperia arc S 3D printing: saviour or piracy tool? Apple in talks on iTV Get ready for the Apple ... Treadmill? What's USB 3.0? Review: Dell XPS 14z notebook Robots bring beer but Rosie still takes cake Duck for cover, here comes the laser-guided bullet Angelic 'Jobs' loves Android in Taiwan ad

A Mac security expert has uncovered a technique that hackers could use to take control of Apple computers and steal data that is scrambled to protect it from identity thieves.

Prominent Mac researcher Dino Dai Zovi disclosed the software flaw at the Black Hat security conference in Las Vegas, one of the world's top forums for exchanging information on internet threats.

About 4,000 security professionals are in attendance, including some who are really hackers. While experts ferret out software flaws to fix them and protect users, hackers use the same information to devise pranks or commit crimes.

Attacks on Apple computers are extremely rare, but security experts say that will change as Macs gain market share on PCs running Microsoft's Windows operating system.

Some hackers have already released programs that attack Macs, including one earlier this year that was spread to a small number of machines via pirated software.

It is not illegal to publish software that can be used to hack into computer systems, though it is against the law to use it to break into them.

Dai Zovi, a security researcher and co-author of "The Mac Hacker's Handbook," said on Wednesday that once hackers start to put substantial resources into targeting Apple's computers, they will be at least as vulnerable as Windows machines.

"There is no magic fairy dust protecting Macs," he said in an interview.

The technique - dubbed "Machiavelli" - exploits a vulnerability in the Mac OS X kernel, the heart of the machine's operating system. It only works on machines that have already been victimized, such as ones attacked with the pirated software. It can take control of Apple's Safari browser, logging passwords to financial accounts and data on bank statements, Dai Zovi said.

An Apple spokeswoman could not be reached for comment.

SECURITY LOOPHOLES

Apple is the fourth-largest US PC maker and continues to take market share. It held 9 per cent of the US market in the second quarter, according to Gartner.

"They are advancing. Our concern is that they are just not advancing as fast as they are gaining market share," said Charlie Miller, co-author of "The Mac Hacker's Handbook."

Still, they said the Mac's operating system will be an easier nut to crack once hackers start to focus on it. That is because it has a lot more code in it than Windows, leaving room for more vulnerabilities and bugs that hackers can exploit, the two experts said.

"Everyone is on their toes," Miller said.

Ad Feedback

- Reuters