Linked by Thom Holwerda on Thu 19th Mar 2009 06:44 UTC, submitted by Moulinneuf
Privacy, Security, Encryption As he had already predicted, cracker Charlie Miller has won the PWN2OWN contest by cracking Safari and Mac OS X within seconds of the start of the competition. "It took a couple of seconds. They clicked on the link and I took control of the machine," Miller said after his accomplishment. He took home the USD 10000 prize, as well as the MacBook he performed the exploit on. Internet Explorer 8 fell a while later by cracker Nils, who also cracked Safari and Firefox after being done with IE8.
Thread beginning with comment 353864
To view parent comment, click here.
To read all comments associated with this story, please click here.
RE[4]: Sad to say
by oxygene on Thu 19th Mar 2009 09:30 UTC in reply to "RE[3]: Sad to say"
Member since:

This is disrespectful to the end user, the person who we tend to forget, is the most important person in front of the computer.

Huh? "the most important person in front of the computer"?
Probably for companies that have to care about their market share. But for some random Joe Hacker?

Reply Parent Score: 1

RE[5]: Sad to say - I'm an end user
by jabbotts on Thu 19th Mar 2009 13:05 in reply to "RE[4]: Sad to say"
jabbotts Member since:

As a tech professional and an end user, I think things that benefit my computing experience are pretty important.

My grief with large software companies is not that they are successful but that they continue to make decisions in favor of the shareholders at the expense of the end user. A better balance between profits and product quality could be struck but that doesn't maximize shareholder equity payouts.

Apple has a vested interest in appearing invulnerable. It's BS marketing and company insecurity but the network stack bug that "didn't exist"... They braught in lawyers to silence the researchers that tried to report it. Then quietly a month later, a patch for the network stack and drivers apears in the osX Update utility. Microsoft also suffers from the idea that publicly announced bug counts are a discredit to marketing so it's more important to push blame on to third party developers rather than fix the OS flaw that the third party apps keep getting exploited through. Neither of these things benefits the end user.

As an end user, I want new features to benefit me rather than be purely to give the appearance of a new product we all have to upgrade too. As a technology professional, I want things that make my users computing life easier and safer. As a security professional specifically, I'd like nothing more than to work myself out of a job. My goal is to arrive at work and find out that there are no risks to mitigate or future risks to plan for because of end user education and product quality; luckily, I have many years of employment before that's likely to happen.

It's all about the end user; either myself or the people I support. (but yeah, it's sad that the end user is just a wallet to come of the biggest retailers)

Reply Parent Score: 5