MacBook Hacked In Contest Via Zero-Day Hole in Safari 156
EMB Numbers writes "Shane Macaulay just won a MacBook as a prize for successfully hacking OS X at CanSecWest conference in Vancouver, BC. The hack was based on a Safari vulnerability found by Dai Zovi and written in about 9 hours. CanSecWest organizers actually had to relax the contest rules to make the hack possible, because initially nobody at the event could breach the computers under the original restrictions. 'Dai Zovi plans to apply for a $10,000 bug bounty TippingPoint announced on Thursday if a previously unknown Apple bug was used. "Shane can have the laptop, I want the money," Dai Zovi said in a telephone interview from New York. TippingPoint runs the Zero Day Initiative bug bounty program.'"
Konqueror (Score:5, Interesting)
Re:Konqueror (Score:2, Interesting)
Admin user or regular user? (Score:5, Interesting)
Bottom line no remote hacks.
So not the OS then! (Score:1, Interesting)
OS-X is essentially BSD with a second layer on the top being the frameworks from Next and Apple and the applications. If they find vunerabilities in the lowest layer of code then Linux is in trouble too because there's an awful lot of shared code there. Anyone remember the ssh hole which allowed you to root a box? So the issue would be in the Apple provided layers.
As anyone who has designed, or worked at a high level, on a complete system knows you design as much as you like and you can use defensive coding as much as you can but there will always be edge cases and unfortunately the only way to find them is when something breaks or is broken. Then what you must do is fix them asap and not do what a certain OS company does is first deny they exist, then admit they exist and say it will be patched, and then finally release a patch some months later. Having said that they have been a bit better lately.
I get anoyed at people saying how secure OS-X is or Linux or what ever. There is no one true OS. All this my macho my OS is better that your OS pisses me off. People use different OSs because of the applications they want to use and their working style.
I have several requirements for my personal laptop (compared to my office one). It must be small and lightweight, easy to use, manage my arty hobbies (films, photography, music and other media), but also allow me to do my consultancy work if needed which is mainly *NIX development (C, C++ and Java) and writing reports, feasibility studies and the like. I don't play games that much and I have consoles for that (although since I now travel a lot a DS may be appear in my purse in the near future). So I have a Mac. It does all that I need.
I could use my works Dell but having to occasionally reboot from Linux in to XP and back again would anoy the hell out of me. Also its huge.
no such thing as a white hat... (Score:5, Interesting)
I mean - I can only assume this was a 'white hat' hackers conference, given there was actual publicity given and a public bounty and such. But then things like these pop up?
Makes me think.. black hat, white hat.. what's the difference these days? I thought a white hat hacker was the 'good guy' (albeit still a hacker).. the kind of person who hacks for fun / curiosity.. the kind of person who notifies the developer of the bug or, at least, just makes the bug known to the world at no charge. Not the kind of person who hacks, then scours the 'security conferences' for a bounty, and when that bounty is lower than what they could get off of actual 'bad guys', complain that the bounty is too low. To me, that just sounds like the person is a black hat, but dons a white hat on top in an attempt to fool us into thinking they're white hat.
Re:Admin user or regular user? (Score:3, Interesting)
Re:Konqueror (Score:2, Interesting)
By the way— Should be "update's," for consistency.
What I want to know (Score:4, Interesting)
While I understand that for the purposes of the contest it might have been necessary to reduce those protections, I think that before something becomes "news" we should know what the real risk is.
Does this hack require the user to manually disable protections the OS ships with, or manually enable services that default to off? The article seems light on detail.