Linked by Thom Holwerda on Fri 28th Mar 2008 20:39 UTC, submitted by irbis
Privacy, Security, Encryption "An Apple Mac was the first victim in a hacker shoot-out to determine which operating system is the most secure. A former US National Security Agency employee has trousered USD 10000 for breaking into a MacBook Air at CanSecWest security conference's PWN 2 OWN hacking contest. The MacBook was lined up against Linux and Vista PCs - which have so far remained uncracked. Nobody was able to hack into the systems on the first day of the contest when contestants were only allowed to attack the computers over the network, but yesterday the rules were relaxed so that attackers could direct contest organisers using the computers to do things like visit websites or open email messages. The MacBook was the only system to be hacked by Thursday. Miller didn't need much time. He quickly directed the contest's organisers to visit a website that contained his exploit code, which then allowed him to seize control of the computer, as about 20 onlookers cheered him on. He was the first contestant to attempt an attack on any of the systems." There is more bad news for Apple: "If you have Apple and compare it to Microsoft, the number of unpatched vulnerabilities are higher at Apple." Update: The contest is over. Vista got hacked using Adobe's Flash, Ubuntu was left standing.
Thread beginning with comment 307059
To read all comments associated with this story, please click here.
Finally...
by 1c3d0g on Fri 28th Mar 2008 22:09 UTC
1c3d0g
Member since:
2005-07-06

...Apple is being unmasked in front of everyone. Good. This will teach them not to make false claims about their oh-so secure and infallible O.S. I'm glad that for all the criticism, Vista was able to hold its ground (hey, UAC does work after all, who knew?). So what do y'all have to say now, Apple fanboys? I guess the best thing to do here is to admit that you've been 0wned. :-P

Linux I expected to do well, since it has its roots from Unix and likewise is designed to be secure by default. No O.S. this side of the Universe will beat OpenBSD in security though, and I would've liked to see that amazing O.S. included in this test as well.

Reply Score: 9

RE: Finally...
by sigzero on Fri 28th Mar 2008 22:11 in reply to "Finally..."
sigzero Member since:
2006-01-03

Nobody has said the Mac is invulnerable. The biggest claim is in the virus related arena. As a Mac user, I am glad that the exploit was found. Now it can be fixed. That is good.

Reply Parent Score: 6

RE[2]: Finally...
by tomcat on Sat 29th Mar 2008 01:11 in reply to "RE: Finally..."
tomcat Member since:
2006-01-06

Nobody has said the Mac is invulnerable.


C'mon, the Mac vs PC commercials imply as much. Mac users live in glass houses, and they really shouldn't be throwing stones.

Edited 2008-03-29 01:15 UTC

Reply Parent Score: 11

RE: Finally...
by wirespot on Fri 28th Mar 2008 22:22 in reply to "Finally..."
wirespot Member since:
2006-06-21

Do you even hear yourself? OS X is BSD, as opposed to Linux. And it's not even OS X that has a problem, it's Safari.

Reply Parent Score: 6

RE[2]: Finally...
by tomcat on Sat 29th Mar 2008 01:09 in reply to "RE: Finally..."
tomcat Member since:
2006-01-06

Do you even hear yourself? OS X is BSD, as opposed to Linux. And it's not even OS X that has a problem, it's Safari.


Wrong. If OS X ships with a particular piece of software, it's OS X, by definition.

Reply Parent Score: 6

RE[2]: Finally...
by sb56637 on Sat 29th Mar 2008 04:44 in reply to "RE: Finally..."
sb56637 Member since:
2006-05-11

And it's not even OS X that has a problem, it's Safari.

I don't know about that, if a user application exposes a back door into the core OS, isn't that the OS's fault for having a back door? Seems that an OS should have a failsafe core design that prevents a compromise in the case of a problem on the user's end.

Reply Parent Score: 8

RE[2]: Finally...
by hobgoblin on Sun 30th Mar 2008 00:04 in reply to "RE: Finally..."
hobgoblin Member since:
2005-07-06

bsd running a apple made DE and other bits. and it was one of those other bits that got hit, not the bsd bit.

Reply Parent Score: 2

RE: Finally...
by Clinton on Fri 28th Mar 2008 23:15 in reply to "Finally..."
Clinton Member since:
2005-07-05

OpenBSD is indeed very secure by default, but once you install stuff on it, it is vulnerable like anything else.

Reply Parent Score: 3

RE[2]: Finally...
by broch on Fri 28th Mar 2008 23:18 in reply to "RE: Finally..."
broch Member since:
2006-05-04

actually it is not if you install software from OBSD ports.

Reply Parent Score: 3

RE: Finally...
by latte on Sat 29th Mar 2008 01:31 in reply to "Finally..."
latte Member since:
2006-07-19

Agreed...

It'd be good to see all of the BSDs included, really. It'd make for some interesting comparisons.
- latte

Reply Parent Score: 3