Linked by Thom Holwerda on Thu 19th Mar 2009 06:44 UTC, submitted by Moulinneuf
Privacy, Security, Encryption As he had already predicted, cracker Charlie Miller has won the PWN2OWN contest by cracking Safari and Mac OS X within seconds of the start of the competition. "It took a couple of seconds. They clicked on the link and I took control of the machine," Miller said after his accomplishment. He took home the USD 10000 prize, as well as the MacBook he performed the exploit on. Internet Explorer 8 fell a while later by cracker Nils, who also cracked Safari and Firefox after being done with IE8.
Thread beginning with comment 354011
To read all comments associated with this story, please click here.
Well
by Bounty on Thu 19th Mar 2009 22:45 UTC
Bounty
Member since:
2006-09-18

Not every exploit is reliable. Sometimes you have checked your exploit very carefully, and they have something ever so slightly different. Some exploits are very reliable or simple and take no work or jiggling of the handle (like IIS Unicode/Code Red.) It just worked. The fact that he walked in and threw down on Safari, means it is probably a reliable exploit.

I don't know how long it took for the other exploits, it may be telling if we find out. I'm guessing it wasn't 10 seconds for the others. If it was, the headline would be everything pwned in 30 seconds! The IE/Windows 7 exploit was described as brilliant I think, which may mean it was not easy, or quick to execute. It may have taken several delicate steps to get access.

Reply Score: 1