“Writing exploits for Vista is hard work. Writing exploits for Mac is a lot of fun,” said Dino Dai Zovi, who demonstrated a new exploit at a recent Source Security conference. He hacked a Mac and took pictures with its built-in iSight camera. Dai Zovi said that exploits like this – which depend on flaws in “applications and system components that allow the contents of heap memory to be modified” – can be exploited with as little as 12 bytes of code? How much is that? Less than the length of the previous sentence… Dai Zovi stressed that the current iPhone operating system – a version of Mac OS X – did not have the same flaw, suggesting that Apple was most likely aware of its existence.
