OS X First OS to be Hacked in PWN 2 OWN Contest
What do you get when you hold a contest and offer up $10,000 and a free laptop to the first person to hack an OS? You get a MacBook Air hacked in two minutes flat. Yesterday was day two of the CanSecWest security conference’s PWN 2 OWN hacking contest and Charlie Miller made quick work of Apple’s super-slim notebook. Ok, so maybe Miller really took a day and two minutes, but he still landed himself a sweet prize thanks to some solid hackery. The OSes involved? Mac OS X, Windows Vista and Linux. Day one of the competition was very uneventful. The rules stipulated that on day one of the competition, contestants were only permitted to attempt attacks over the network. On day two things turned around when contests were allowed to instruct contest organizers to visit a web page or open an email. Within two minutes Miller had prepared his exploit code and instructed organizers to visit a web site. Game over. Miller had seized control of the MacBook Air and landed himself a nice prize, seemingly using a hole in Safari as contestants were only permitted to take advantage of preinstalled software. Interestingly, no contestant was able to get into the Vista or Linux boxes during all of Wednesday or Thursday. Today, the last day of the competition, hackers will be permitted to exploit thrid-party applications installed on the computers. TippingPoint’s Manager of Security Response Terri Forslof, predicts that contestants will make quick work of the systems today as a result.
Long live IE7 and VISTA
Permalink | Reply
BGR sure does hate Apple doesn’t it. Please read this for a reality check.
Permalink | Reply
This should be a wakup call for all this apple fanboys out there lol
Permalink | Reply
HA!!!
Incredible. Though I don’t dislike Apple, it really makes me feel good that Vista, is slowly but surely showing what it can really do, and that Apple, with its growing popularity its becoming more vulnerable to what has been around for decades in the PC world.
Welcome to the real world Apple.
Now let’s see what lame excuse or negative crap the Apple fanboys have to say to me about my comment or about Microsoft/Vista.
Permalink | Reply
even withh the iphone you could hack it an ipone they were runnning the creditcheck/activation app check you could score somones SSN
Permalink | Reply
Who wants a Vista laptop or a Sony vaio running Ubuntu when you can get a Macbook Air?
Of course it went first.
Permalink | Reply
um my laptop runs vista AND ubuntu. Those who play world of warcft an other pc games want vista.
Permalink | Reply
@ Codey H. —
I’ll take a ThinkPad x300 over the Mac Air ANYDAY.
Permalink | Reply
Nothing can beat Ubuntu!
sent from: fav.or.it [FID107069]
Permalink | Reply
Before you go blasting Apple, lemme tell you this— Getting a quick exploit DOESNT mean that more will come at the same rate and the criticality of the exploit is not known.
Writing exploits is an art , maybe others werent as crafty as this boy. If I had more money I would Definitely purchase this sweet laptop -The Macbook Air.
Permalink | Reply
X300 for life!! Screw these crappy Airs you can even see in the commercials that the screen bends with no help at all.
Permalink | Reply
yeah my 3 year old toshiba tecra blows the air out.
Permalink | Reply
1. Sponsored by Microsoft
2: The guy has spent the last year trying to establish himself as an expert on hacking the iPhone.
3: It was 24 hours and two minutes. They had tried for a day to break in through the network.
4: I appears the Linux boys were afraid to spend the time to come up with an exploit for Linux? Uh huh, or was it they just didn’t want to shame Linux by actually doing it?
The exploit is there, yes. But all in all, OS X is still more secure. Otherwise, why are there ZERO viruses for it? How come it take socical engineering to break in, and yet, everybody pretends like it’s some big disaster for Apple and it’s fanboys.
The tech press has been reasonably moderate on this story. Kudos for at least that.
Permalink | Reply
Read this:
http://www.roughlydrafted.com/2008/03/28/cansecwest-and-swiss-federal-institute-of-tech-deliver-attacks-on-the-reality-of-mac-security/
Retard.
(Cheers to the dude above who posted this)
Permalink | Reply
Me too. I would like to have the ThinkPad X300 over MacBook AIR. It is simply a superior laptop in every respect.
Permalink | Reply
You guys are hilarious. So what if the hackers want the Macbook Air first? The simple fact is that it got hacked… That means that anyone with a mac running Safari is also exposed to this security flaw. And don’t think that all mac users are immune to social engineering tricks… Just because you are doesn’t mean the school kid doing his project at school is too.
I read that article from roughlydrafted a couple of posts above and it is the biggest bunch of BS i’ve read in a while… talk about apple fanboy.
It doesn’t matter who wants what or who sponsored the event or how come there are no viruses for the mac or Windows machines get hacked everyday excuses because in the end, some hacker just got into the mac through an exploit… and that could happen to you and you could be a victim of identity theft… a far more appealing prize than a macbook air.
Permalink | Reply
Agreed,
In fact I know of several hack groups that have successfully created virus, as well as exploits for OS X with or without patches
Permalink | Reply
Vista, Windows, all things of the past. The open source world (Unix.. Mac OS, Linux) are winning out. As much as you might love the stupidity and simplicity of a wintel box, it’s a thing of the past. Microsoft are desperately trying to sue the open source market. Talk about insecure. Just keep buying your junky operating systems (Windows) haha.. If I had to subscribe to a virus company or an anti spyware company just to use my computer, I’d be really peeved and feel quite ripped off.
Permalink | Reply