Monday, 13 February 2006 11:07 PM
Rocky
Security Researcher's Apple PowerBook hacked.
I was catching up on the news recently and came across this article on Security Focus: 'Apple's in the eye of the Flaw Finders'.
Essentially, what happened was that at ShmooCon a security 'researcher' discovered that someone had hacked into his PowerBook, disabled the firewall and started up a file server. This guy apparently locked down the system prior to the conference. Here are the high points of the article that I loved:
- "...in the following weeks, forensics performed on the system did not reveal any clues as to how the PowerBook had been compromised."
So, not only can you hack the security system itself, including just turning off the firewall, there's no way to find out who did it or how. Excellent!
- "The machine was as hardened as best practices could suggest for anyone," the researcher said. The person who breached the PowerBook used information gathered from the computer to contact a friend of the researcher and bragged about the compromise. "This was not a subtle hack," the researcher stressed.
Well, apparently not there, buddy! There was obviously at least a patch management problem in your 'best practices'. Then again, I'd imagine that best practices for Apple differ quite a bit from other best practices. Speaking from experience working on Apple computers at the manufacturing level, best practices means something different to them.
Another gem from the article:
- "This is almost certainly the year of the OS X exploit," said Jay Beale, a senior security consultant for Intelguardians and an expert in hardening Linux and Mac OS X systems. "The OS X platform may be based on a Unix platform, but Apple seems to be making mistakes that Unix made, and corrected, long ago."
You buy them books and buy them books but all they do is eat the pages....
Beale was also quoted as saying "On a good day, Apple doesn't even make it to Microsoft's level of security awareness". Gee, ya think? I admit it's a nice neat way for Apple to get an OS with most of the work already done for them, but they should probably step up to the plate when it comes to formal security response procedures. Apple has been beaten up quite a bit for not having formal systems in place to discuss and patch security problems with their OS.
People are starting to realise that OS X is out there, and it's popular with 'security researchers' because it comes in a sexy package and runs all the 'tools of the trade'. This has also exposed OS X to an environment that Apple isn't familiar with, the hostile mass user market.
Apple computers work great for what they were meant to do, but they weren't meant to do much. Now that they have a Linux-like OS, and their horizons have expanded, so have their exposures and vulnerabilities. According to the National Vulnerability Database in the USA, OS X has surpassed Windows XP for security vulnerabilities in 2004 and 2005.
The article also mentioned the impact that Apple changing over to Intel could have. I tend to agree with them that it means hackers will now have a processor and command architecture that they are familiar with and have many years of exploit development experience on. So now that all the hex strings are already written to take advantage of the processor architecture, the OS X security better be up to the task.
Apple is new to the security game. The Mac wasn't worth hacking up until now. Now it's becoming more popular thanks to a more acceptable OS, and it's a flavour that most malicious hackers are intimately familiar with. So where does the future lie for OS X? Will it be the hacker OS du jour, or just another lamb to the slaughter?