I have two Macs, but I despise the myth that Apple has created an impenetrable and completely secure system. The “it just works” crowd drives me up the wall because while I like Macs and they are considerably more safe and stable than their Windows-based counterparts, they are far from perfect.
Yesterday at the CanSecWest Pwn2Own 2009 in Vancouver, Charlie Miller entered a Apple Safari hacking contest that began at 3:15 pm and won it before the clock struck 3:16. He fed the Mac a link and once it was clicked, he took control of the target machine. Simple as that.
Charlie won $10,000 and the Mac that he conquered.
A patch will be issued at some-point in the future to remedy the weakness.
For the record, later at the same contest, someone who goes by “Nils” defeated Microsoft’s future browser, Internet Explorer 8 (which hasn’t left Beta) and Mozilla’s Firefox.
The lesson to take away from this is that no one should assume that a platform is unbreakable. If you own a Mac and have developed a case of Apple arrogance, give yourself a reality check. That arrogance is putting your computer and your data at risk.
Always install security patches and practice safe computing.