Linked by Thom Holwerda on Fri 28th Mar 2008 20:39 UTC, submitted by irbis
Privacy, Security, Encryption "An Apple Mac was the first victim in a hacker shoot-out to determine which operating system is the most secure. A former US National Security Agency employee has trousered USD 10000 for breaking into a MacBook Air at CanSecWest security conference's PWN 2 OWN hacking contest. The MacBook was lined up against Linux and Vista PCs - which have so far remained uncracked. Nobody was able to hack into the systems on the first day of the contest when contestants were only allowed to attack the computers over the network, but yesterday the rules were relaxed so that attackers could direct contest organisers using the computers to do things like visit websites or open email messages. The MacBook was the only system to be hacked by Thursday. Miller didn't need much time. He quickly directed the contest's organisers to visit a website that contained his exploit code, which then allowed him to seize control of the computer, as about 20 onlookers cheered him on. He was the first contestant to attempt an attack on any of the systems." There is more bad news for Apple: "If you have Apple and compare it to Microsoft, the number of unpatched vulnerabilities are higher at Apple." Update: The contest is over. Vista got hacked using Adobe's Flash, Ubuntu was left standing.
Thread beginning with comment 307133
To view parent comment, click here.
To read all comments associated with this story, please click here.
RE: There's no invincible OS
by sbergman27 on Sat 29th Mar 2008 14:36 UTC in reply to "There's no invincible OS"
Member since:

But at the end of the day, if the user is stupid, and doesn't exact some sort of logical thinking while using a PC

I am not anti-mac by a long shot. But... as I posted earlier, all the user had to do was visit the web site with the exploit to give the cracker the foot in the door he needed. (There was no "Please download and run this." and no "Please enter your administrator password".) This site could just as easily have been a Google search hit encountered while a user was comparing the relative fuel economies of two cars he we considering buying. I really don't see how or why anyone would choose to defend it. And by blaming the user, at that!

Apple needs to fix this serious security hole. Period.

That said, people are still safer with Mac than with Windows. Because the fact of the matter is that, for whatever reason (it doesn't matter), Windows users are the ones under siege. If you had a choice of two Kevlar vests, of known equal quality, and of two associated destinations, would you rather wear vest #1 and go to Omaha Nebraska, where occasionally one reads in the paper about how someone was shot? Or would you rather wear vest #2 and go to a war zone?

While arguments that state, or imply, that if everybody used Operating System Q, it "would be just as vulnerable as Operating W is" are common, they are also completely specious.

Windows advocates: "If only it were you under attack. If only I weren't the one under attack all the time!"

Everyone else: "Butcha are, Blanche! Ya are!"

Reality prevails... again.

Edited 2008-03-29 14:40 UTC

Reply Parent Score: 8

RE[2]: There's no invincible OS
by tomcat on Mon 31st Mar 2008 06:37 in reply to "RE: There's no invincible OS"
tomcat Member since:

That said, people are still safer with Mac than with Windows. Because the fact of the matter is that, for whatever reason (it doesn't matter), Windows users are the ones under siege.

It's this kind of denial and complancency which has led Apple to fall on its face over security. Personallty, I'd rather use an OS from a supplier that has shown willingness and demonstrable success in improving security. At least Microsoft has that going in its favor.

Reply Parent Score: 2