Linked by Thom Holwerda on Thu 25th Mar 2010 22:20 UTC
Privacy, Security, Encryption It's that time of the year again; that time of the year where news outlets get to indulge in sensationalist headlines about how Mac OS X got hacked in twenty seconds. Yes, CanSecWest just held its Pwn2Own contest again, and they fell like drunk 16-year-olds this time (don't read too much into that one, please).
Permalink for comment 415386
To read all comments associated with this story, please click here.
RE[2]: Windows 7 secure? Ha!
by bousozoku on Fri 26th Mar 2010 18:30 UTC in reply to "RE: Windows 7 secure? Ha!"
bousozoku
Member since:
2006-01-23

DEP is 100% unbreakable if permissions are set correctly. And that's not really difficult. The problem is that lately everybody and his hamster is playing with JIT which forces you to have code to set and unset permissions.

Even then, full ASLR should protect you from that. In this case the problem is that you can know where a function will be, at some point the OS or the program itself is giving out too much information. In any case, Windows ASLR is more complete than Linux's; and MacOS X's is even worse and only available in the latest version.
...


If you can bypass ASLR in Windows as was done, it doesn't seem as though full ASLR (as Windows advocates say) is much better than the partial ASLR that Mac OS X has.

Charlie Miller said that Mac OS X is easier to hack than Windows 7 but it doesn't seem that it's more than a matter of degrees. Of course, they're still attacking by browser, so apparently neither one has a direct opening.

It's good enough, though, because some users will click on anything.

Reply Parent Score: 3