Linked by Thom Holwerda on Thu 19th Mar 2009 06:44 UTC, submitted by Moulinneuf
Privacy, Security, Encryption As he had already predicted, cracker Charlie Miller has won the PWN2OWN contest by cracking Safari and Mac OS X within seconds of the start of the competition. "It took a couple of seconds. They clicked on the link and I took control of the machine," Miller said after his accomplishment. He took home the USD 10000 prize, as well as the MacBook he performed the exploit on. Internet Explorer 8 fell a while later by cracker Nils, who also cracked Safari and Firefox after being done with IE8.
Permalink for comment 354226
To read all comments associated with this story, please click here.
segedunum
Member since:
2005-07-06

"It wasn't Apple's proprietary code in Safari that was cracked."

That's just a sad deluded excuse and also last year's method. There is a core to WebKit certainly, but the way it works in Safari has seen it extended with Apple's own code and APIs and the way it is implemented on OS X. Then there is the whole DashBoard implementation which is a whole other level and another can of worms.

If it really was WebKit then we would have seen WebKit browsers on Windows, such as Chrome or even Safari, or Chrome on Linux being easy targets. We haven't. As Miller said in TFA:

He makes a clear distinction between the browser and the underlying operating system, stating that for example while Firefox on Windows is very hard to crack, Firefox on Mac OS X is easy, because Mac OS X lacks all the anti-exploit features Windows has built-in. "The things that Windows do to make it harder [for an exploit to work], Macs don't do," Miller says, "Hacking into Macs is so much easier. You don't have to jump through hoops and deal with all the anti-exploit mitigations you'd find in Windows."


Firefox on Mac is pretty easy too. The underlying OS doesn’t have anti-exploit stuff built into it.


Chrome is a WebKit using browser:

There are bugs in Chrome but they’re very hard to exploit. I have a Chrome vulnerability right now but I don’t know how to exploit it. It’s really hard. The’ve got that sandbox model that’s hard to get out of.


Edited 2009-03-20 22:00 UTC

Reply Parent Score: 2