MESSAGE
DATE | 2008-03-29 |
FROM | Ruben Safir
|
SUBJECT | Subject: [NYLXS - HANGOUT] Non-Free aint Free
|
MacBook Air first to fall in hacking contest vs Vista and Linux Put up against two rivals, the latest version of OS X proves to have the most quickly exploited security hole (updated) March 28, 2008 4:42 PM
A MacBook Air running OS X 10.5.2 has won hacker (in all senses) Charlie Miller $10,000 - plus the MacBook Pro Air that he managed to hack into.
Miller was taking part in the CanSecEWest conference, in Vancouver, where everyone who wanted could have a go at taking over any of three machines - a MacBook Air, a PC running Vista SP1 and a machine running Ubuntu 7.10.
And it turns out the Mac fell first. Miller, who managed the first exploits of the iPhone, exploited a bug in Safari. (As part of the second day of the challenge, would-be hackers could get the machines to click on links in URLs.)
Miller formed the URL which opened a port which let him telnet into the machine and read the file he needed to get at to prove his win.
Under the terms of the contest, the precise details of the hack are being kept under wraps until Apple has had a chance to look at it and patch it.
So. Does this make Apple's apparent security - as in, the lack of viruses etc - look a bit more Ozymandian?
We can't get at the CanSecWest site just now, but it would be interesting to know what the ratios of people trying to hack the machines were. (Update: Macworld reports that Miller was "the first contestant to attempt an attack on any of the systems" and that it took him just two minutes. Apple's engineers are reportedly working on a fix.
A friend of last year's winner (MW reports still) had a go at the Vista machine but didn't manage to crack it. The rules make it easier on Friday (remember, Vancouver is 8 hours behind GMT) to break into the machines. -- http://www.mrbrklyn.com - Interesting Stuff http://www.nylxs.com - Leadership Development in Free Software
So many immigrant groups have swept through our town that Brooklyn, like Atlantis, reaches mythological proportions in the mind of the world - RI Safir 1998
http://fairuse.nylxs.com DRM is THEFT - We are the STAKEHOLDERS - RI Safir 2002
"Yeah - I write Free Software...so SUE ME"
"The tremendous problem we face is that we are becoming sharecroppers to our own cultural heritage -- we need the ability to participate in our own society."
"> I'm an engineer. I choose the best tool for the job, politics be damned.< You must be a stupid engineer then, because politcs and technology have been attached at the hip since the 1st dynasty in Ancient Egypt. I guess you missed that one."
© Copyright for the Digital Millennium
|
|