Dermatea Posted March 28, 2008 Share Posted March 28, 2008 Yet another contest by TippingPoint with oodles of cash on the line for whoever can 'hack a Mac' first: http://www.pcworld.com/article/id,143901/article.html Rival operating systems were tested too at the CanSecWest security conference, including Linux and Vista: http://www.pcworld.com/article/id,143883-page,1/article.html Link to comment Share on other sites More sharing options...
InorganicMatter Posted March 28, 2008 Share Posted March 28, 2008 Morale of the story: use Firefox. Link to comment Share on other sites More sharing options...
apowerr Posted March 28, 2008 Share Posted March 28, 2008 Wow, at least now Apple will get to patch this issue. Link to comment Share on other sites More sharing options...
macgirl Posted March 28, 2008 Share Posted March 28, 2008 Bah, why choose other computers to win than the MacBook Air Link to comment Share on other sites More sharing options...
A Nonny Moose Posted March 28, 2008 Share Posted March 28, 2008 As I've posted elsewhere, the Mac was most likely targeted first to "shut those smug Mac users up." While I'm not saying this to demean the exploit (all exploits should be taken seriously), let's at least put it into context with the Mac getting hit first. Link to comment Share on other sites More sharing options...
InorganicMatter Posted March 28, 2008 Share Posted March 28, 2008 As I've posted elsewhere, the Mac was most likely targeted first to "shut those smug Mac users up." While I'm not saying this to demean the exploit (all exploits should be taken seriously), let's at least put it into context with the Mac getting hit first. Really though, this is not that big a deal. It was just a browser exploit; they are common, can be cooked up quickly by any script kiddie, and still require stupidity on the user's part to actually work. The Macbook was just the first to go because people wanted it to go first; it could have just as easily been the Linux or Windows that went (and probably will tomorrow). Link to comment Share on other sites More sharing options...
Forceman Posted March 28, 2008 Share Posted March 28, 2008 Really though, this is not that big a deal. It was just a browser exploit; they are common, can be cooked up quickly by any script kiddie, and still require stupidity on the user's part to actually work. The Macbook was just the first to go because people wanted it to go first; it could have just as easily been the Linux or Windows that went (and probably will tomorrow). Not really, if they use Fedora for example SELinux makes it much harder, hack a exploit is fine but what damage can you do with it, SELinux helps to limit the damage done. Link to comment Share on other sites More sharing options...
thespottedelf Posted March 28, 2008 Share Posted March 28, 2008 Its just another proof of concept... Link to comment Share on other sites More sharing options...
CLiDE FTW!!1 Posted March 28, 2008 Share Posted March 28, 2008 It's not like OS X is in-hackable ... Our OSX86 team has outwitted Apple many-a-times. I hope this is (yet another) wake up call to naive Mac Users who believe that by booting in OS X, they are 110% absolutely safe (Or ANY OS, for that matter). If it's human made, of course it's going to have flaws. Case closed. Link to comment Share on other sites More sharing options...
Lostgame Posted March 28, 2008 Share Posted March 28, 2008 Well, at least it was the MacBook air, and not a good Mac laptop. Link to comment Share on other sites More sharing options...
macgirl Posted March 28, 2008 Share Posted March 28, 2008 Sure, the MacBook is the good one Link to comment Share on other sites More sharing options...
Forceman Posted March 28, 2008 Share Posted March 28, 2008 Theres' not differences between hacking any Mac, why is it a Macbook Air that gets hacked, thats just stupid. Link to comment Share on other sites More sharing options...
Lostgame Posted March 28, 2008 Share Posted March 28, 2008 Sure, the MacBook is the good one Well, in every regard, it's literally better than the MacBook air, barring the mousepad gimmick, and if you're stupid enough to pay $1799 for a laptop that has so many less features than the $1099 one, you might consider becoming sensible and spending the extra $200 and buying a $1999 laptop that kicks the $1099 one's ass, (which, I reiterate, is far more powerful and feature-filled than the pathetic MBA). Link to comment Share on other sites More sharing options...
(MoC) Posted March 28, 2008 Share Posted March 28, 2008 What's the big deal about a browser exploit. There will be a patch coming out in a few days and they hype is over. Link to comment Share on other sites More sharing options...
mac_cute Posted March 28, 2008 Share Posted March 28, 2008 What's the big deal about a browser exploit. There will be a patch coming out in a few days and they hype is over. <_> Yeah...Probably,a 20 Mb patch Link to comment Share on other sites More sharing options...
(MoC) Posted March 28, 2008 Share Posted March 28, 2008 Yeah...Probably,a 20 Mb patch Haha. Maybe, who knows, maybe there will be a kernel update. Link to comment Share on other sites More sharing options...
Paranoid Marvin Posted March 28, 2008 Share Posted March 28, 2008 They'll probably give Safari a minor update soon anyway to implement the newest build of WebKit, which passes the Acid 3 test Link to comment Share on other sites More sharing options...
khaled_acmilan Posted March 28, 2008 Share Posted March 28, 2008 i can't believe in this new anymore (Vista and Ubuntu better than Mac OS X). Link to comment Share on other sites More sharing options...
scj312 Posted March 28, 2008 Share Posted March 28, 2008 Does this seriously come to be a surprise to anyone? Macs have been the first to go at similar contests. In related news, Microsoft patches faster than Apple does. Come on Apple, don't be stupid. Link to comment Share on other sites More sharing options...
Forceman Posted March 28, 2008 Share Posted March 28, 2008 It's time for Apple to batten down the hatches, OS X is being exposed more and more. Link to comment Share on other sites More sharing options...
Forceman Posted March 29, 2008 Share Posted March 29, 2008 7:30pm PST Update - Vista Laptop was Won!: Congratulations to Shane Macaulay from Security Objectives - he has just won the Fujitsu U810 laptop running Vista Ultimate SP1 after it was installed with the latest version of Adobe Flash. Not only is he the official winner of the Fujitsu laptop, but also $5,000 from us. Shane received some assistance from his friends Derek Callaway (also from Security Objectives) and Alexander Sotirov. If you'll also remember, Shane Macaulay was Dino Dai Zovi's on-site team member at last year's PWN to OWN event in which they ultimately took the top prize. The new Adobe Flash 0day vulnerability that Shane exploited has been acquired by the Zero Day Initiative, and has been responsibly disclosed to Adobe who is now working on the issue. Until Adobe releases a patch for this issue, neither we nor the contestants will be giving out any additional information about the vulnerability. You will be able to track the vulnerability on the Zero Day Initiative upcoming advisories page. So at the end of the last day of the contest, only the Sony VAIO laptop running Ubuntu was left standing. Link to comment Share on other sites More sharing options...
A Nonny Moose Posted March 29, 2008 Share Posted March 29, 2008 Does this seriously come to be a surprise to anyone? Macs have been the first to go at similar contests. In related news, Microsoft patches faster than Apple does. Come on Apple, don't be stupid. It's not Apple being stupid as much as it is people intentionally targeting the Mac "to shut people up." Then they went to Windows because any five year old can write a virus for Windows using Visual Basic. Ubuntu was unhacked because nobody cares about Linux getting hacked. I'm not trying to downplay the event, but let's be real here. Link to comment Share on other sites More sharing options...
Forceman Posted March 29, 2008 Share Posted March 29, 2008 It's not Apple being stupid as much as it is people intentionally targeting the Mac "to shut people up." Then they went to Windows because any five year old can write a virus for Windows using Visual Basic. Ubuntu was unhacked because nobody cares about Linux getting hacked. I'm not trying to downplay the event, but let's be real here. Are you for real, all three computers where hacked in the same way, OS X get hacked on the second day because default apps where able to be included, showing Safari as the reason(quicktime last year). Third day, third party apps/plugins which exposes Adobe's proprietary flash which they were able to get into Vista. Linux remains unhacked because they simply didn't and couldn't find a way in and shows the false claims that opensource software is more vunarable. Just like to say as well that Ubuntu dont even include SELinux or Appamour by default enabled which makes it even less lightly for them to do damange ones they got in. Ubuntu will have Appamour in Hardly and are working on SElinux intergration like Fedora have had by default. The laptop was a Sony Vaio and comes with a cash prize, if thats not a good reason to hack the {censored} out of it, I dont know what is. Link to comment Share on other sites More sharing options...
A Nonny Moose Posted March 29, 2008 Share Posted March 29, 2008 Yes, the title of this piece leads one to believe that they attempted to hack all machines simultaneously, somehow, and the Mac "fell" first. But when I read on further, there was no mentioning of the other two machines, so I began to wonder.Well, we know that the Mac is not immune to attacks and that one needs to be careful, but the good news to me, is that no one managed to hack into any of them from the outside without any help. I would call that progress and maybe especially on the Windowsside, if we think back just a few years. Time moves fast in the digital world:)I wonder if they decided to let the Mac be attacked first, just so they could see titles such as the one we have seen here?But why would Macworld choose such a title? Are you trolling for hits? Apparently, the other two machines weren't even touched the second day. No one has made any attempts on the other machines yet. Nobody cares about Linux and if a Mac Pro with Linux was offered as the prize, that thing would be hacked in ten seconds. Link to comment Share on other sites More sharing options...
Forceman Posted March 29, 2008 Share Posted March 29, 2008 It's funny how you quoted someone from a thread and NOT what actually happened, the guy knew about the flaw in Safari so it was hacked faster, Vista was hacked because of a flash exploit and the idea no one wanted to hack the linux laptop is stupid. It's a simple fact that you attack the easier one and OS X/Safari was, Ubuntu doesn't even come with Flash by default(OS X/Vista does) so that makes Ubuntu a much harder target because of no known exploits. LOL, If the Ubuntu laptop was so easy to hack as you claimed then them guys were stupid passing up a Sony laptop and $5,000. Link to comment Share on other sites More sharing options...
Recommended Posts