Thats what I mean Apple will have vulnerabilities soon!!

You might not have big crappy stuff currently, but things are moving rapidly…

According to a ZDNET article, which describes an article in 2600 Magazine, mentions that Apple Dashboard Widgets that could allow users to access the computer’s drives and files.

As in, a guest could install a widget in someone’s computer (if he had physical access to it… Like a friend used your Mac computer) and access sensitive data (Like ~/.gnupg/secring.gpg… I don’t really know what that means since I haven’t used Mac at all… But according to the resource, it’s something sensitive [Stores private PGP keys]) and can modify\delete stuff without any restriction.

There’s more to read in the link I’ll provie below… I wonder why Apple didn’t think of it as a security risk…

Now for those who’d just pop-up saying “OSX is safe”, well it’s getting riskier little by little… And the interest they’re pulling to being targeted is more than ever (And it’ll increase by time)… It might be a 3rd-party app issue, but Apple should’ve set more restrictions to widgets…

But who am I to talk? I’m a Windows\Linux user… I know nothing about Mac OS X… But I know it’s being targeted and soon you’ll be whinning about being “as malwared as Windows”…

Read more about it in ZDNET’s article.

2 thoughts on “Thats what I mean Apple will have vulnerabilities soon!!

  1. No computer is safe no matter what the claims are. Anyway, Mac OS X is based on Mach Unix, and any hack that applied to *nix would possibly apply to all the different flavors. With any *nix all I need is physical access and I am in.

  2. Well, yea… not just physical access though… I’ve mentioned the PWN2OWN incident that someone was able to own macbook air pro remotely in 2 minutes…

    I know there’s no computer that’s safe (even if you wrote your own OS)… thats why I wrote this to actually tell Mac users that OS X isn’t %100 safe

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.