Linked by Thom Holwerda on Thu 19th Mar 2009 06:44 UTC, submitted by Moulinneuf
Privacy, Security, Encryption As he had already predicted, cracker Charlie Miller has won the PWN2OWN contest by cracking Safari and Mac OS X within seconds of the start of the competition. "It took a couple of seconds. They clicked on the link and I took control of the machine," Miller said after his accomplishment. He took home the USD 10000 prize, as well as the MacBook he performed the exploit on. Internet Explorer 8 fell a while later by cracker Nils, who also cracked Safari and Firefox after being done with IE8.
Permalink for comment 353968
To read all comments associated with this story, please click here.
taking over via the browser is good enough
by JoeBuck on Thu 19th Mar 2009 19:02 UTC
JoeBuck
Member since:
2006-01-11

If a cracker can get in via the browser and can then operate after that with the full privileges of the user, that's good enough for all practical purposes on a machine that basically has one user. Ordinary user permissions suffice to send spam or to participate in a botnet. Whining that an attack by means of the browser is somehow less serious is misguided.

Reply Score: 4