Linked by Thom Holwerda on Thu 19th Mar 2009 06:44 UTC, submitted by Moulinneuf
Privacy, Security, Encryption As he had already predicted, cracker Charlie Miller has won the PWN2OWN contest by cracking Safari and Mac OS X within seconds of the start of the competition. "It took a couple of seconds. They clicked on the link and I took control of the machine," Miller said after his accomplishment. He took home the USD 10000 prize, as well as the MacBook he performed the exploit on. Internet Explorer 8 fell a while later by cracker Nils, who also cracked Safari and Firefox after being done with IE8.
Permalink for comment 353947
To read all comments associated with this story, please click here.
RE[3]: Money
by macUser on Thu 19th Mar 2009 16:15 UTC in reply to "RE[2]: Money"
macUser
Member since:
2006-12-15

Once more for the hard of hearing: Safari was taken down, yes, but not in seconds. The guy spent hours, days, weeks, maybe months looking for this whole, then even more time writing code that performed the exploit. Then he ran, and that apparently only took seconds. Big f--king deal.

My personal web site generation framework has I don't know how many hundreds of hours of work put in it, but it spits out pages in usually somewhere between ten and twenty miliseconds. That says nothing about the effort involved (well, it does, in that it did take a bit of optimisation to get it to run faster).

That Firefox and IE took longer to fall just means that the people who went after them weren't as well prepared, or possibly less talented than whatshisface here. Noone shows up to this kind of thing and then start looking for exploits.

ERGO: the non-sensationalist headline for this story would be something like "BROWSERS STILL SUCK AT THE SECURITIES".

End message.


I'd mod you up, but I already responded. Couldn't have said it better!

Reply Parent Score: 1