Apple's OS X, Microsoft Windows, and Linux operating systems are to be pitted against each other in an ethical hacking contest in Vancouver next month. Run by the organizers of the CanSecWest Vancouver 2008 security conference, the competition is a repeat of the 'PWN to Own' contest at CanSecWest in 2007, when security researchers competed to win a MacBook Pro and USD 10000.
To read all comments associated with this story, please click here.
Member since:2008-01-20
I agree, but also, wireless card also matters (because there can be bugs in the drivers). If they don't use the same wireless card on OSX as on the rest of them (generally they are atheros), it means it is not fair. Vista, most linux distro's and OSX pretty much support atheros out of the box. And also, if outbound connections will be permitted (ie, safari connects to a webpage).
Any hackers joining though, I know they will find OSX to be the easiest to exploit as at the moment, its programs are the least refined since their release (Vista has had 1 year to stabilise its programs, and linux, well, thats gonna be dependant, as mentioned on the distro).
But yeah, I agree with MiliTux, I hope they have a good gameplan and at least make it fair.
I hope everyone just sees it as fun though, because, I'd hate to put up with either linux, OSX,BSD,OS/2 OR windows fanboys all week bragging about how secure they are over a poorly set up contest.
But honestly, my guess, is that they may all be hacked within an hour anyway depending on the rules. Safari, firefox and Internet explorer probably all have a lot of exploits (lets face it, web browsers are getting so complex these days, you could run one in EFI, and use it as your OS, and in fact, some bios' already let you run a web browser inside them).
And there better be NX on all three... Otherwise, the whole thing is a joke
Member since:2007-02-17
That isn't a Debian characteristic, it is strictly an "Ubuntuism".
https://help.ubuntu.com/community/RootSudo
Personally, when I am using an Ubuntu system, and I need to be root, I generally just use the command 'sudo su'.
Debian systems have a normal root user, just like most other Linux distributions do.
http://www.tonotono.net/ua/nph-.cgi/000000A/http/www.linuxdevcenter...
Fedora ships with SELinux.
http://fedoraproject.org/wiki/Security/Features
Fedora is probably the most well known desktop Linux distribution you would go for if you were after the best security out-of-the-box.
Edited 2008-02-08 09:48 UTC
Member since:2006-01-04
Member since:2005-08-11
Member since:
2007-05-16
What will be interesting is the linux distro that is ultimately chosen. I guess a default system bought from Dell (i.e. Ubuntu) could be tested. But there are many distros which each take a different approach to security. Consider Debian systems, no root user, instead use sudo, vs. RPM type systems which have a root user with a different password to the ordinary user.
Also, you have different security apps, e.g. AppArmor, and different firewalls.