Linked by Thom Holwerda on Fri 28th Mar 2008 20:39 UTC, submitted by irbis
Privacy, Security, Encryption "An Apple Mac was the first victim in a hacker shoot-out to determine which operating system is the most secure. A former US National Security Agency employee has trousered USD 10000 for breaking into a MacBook Air at CanSecWest security conference's PWN 2 OWN hacking contest. The MacBook was lined up against Linux and Vista PCs - which have so far remained uncracked. Nobody was able to hack into the systems on the first day of the contest when contestants were only allowed to attack the computers over the network, but yesterday the rules were relaxed so that attackers could direct contest organisers using the computers to do things like visit websites or open email messages. The MacBook was the only system to be hacked by Thursday. Miller didn't need much time. He quickly directed the contest's organisers to visit a website that contained his exploit code, which then allowed him to seize control of the computer, as about 20 onlookers cheered him on. He was the first contestant to attempt an attack on any of the systems." There is more bad news for Apple: "If you have Apple and compare it to Microsoft, the number of unpatched vulnerabilities are higher at Apple." Update: The contest is over. Vista got hacked using Adobe's Flash, Ubuntu was left standing.
Thread beginning with comment 307330
To read all comments associated with this story, please click here.
time
by SK8T on Mon 31st Mar 2008 04:43 UTC
SK8T
Member since:
2006-06-01

there's one more important faktor we should not forget: time.

Leopard is the the youngest operating system in the test. That means less time to patch security flaws.

Reply Score: 2

RE: h
by apoclypse on Mon 31st Mar 2008 06:57 in reply to "time"
apoclypse Member since:
2007-02-17

Leopard may indeed be the most recently released of the bunch, but jut like windows and Linux it is based offs of pre-existing code.Webkit wasn't released yeeteday, the issue probably existed before but was never exploited. The reason the exploit is a big deal is that it also affects the iPhone. As it we pointe the guy who flu d the exploit also found similar issues with safari on the iphone. It was obvious that the app is unsate, the stupid thning let you hack the device by using a tiff file. Blaming on the time is kind of lame. Safari is on version 3 which should be enough versions to at least make the browser safe. Apple doesn't have their eye on security and probably won't until they go through the same experience that MS had.

Reply Parent Score: 2