A Nonny Moose Posted March 30, 2008 Share Posted March 30, 2008 No, it took them longer during that second day, i.e more than 2 minutes which it only took them to do OS X/Safari. My question is where does Flash lie in this? Day 1: March 26th: Remote pre-auth All laptops will be open only for Remotely exploitable Pre-Auth vulnerabilities which require no user interaction. First one to pwn it, receives the laptop and a $20,000 cash prize. The pwned machine(s) will be taken out of the contest at that time. Day 2: March 27th: Default client-side apps The attack surfaces increases to also include any default installed client-side applications which can be exploited by following a link through email, vendor supplied IM client or visiting a malicious website. First one to pwn it receives the laptop and a $10,000 cash prize. The pwned machine(s) will be taken out of the contest at that time. Day 3: March 28th: Third Party apps Assuming the laptops are still standing, we will finally add some popular 3rd party client applications to the scope. That list will be made available at CanSecWest, and will be also posted here on the blog. First to pwn it receives the laptop and a $5,000 cash prize. Link to comment Share on other sites More sharing options...
Forceman Posted March 31, 2008 Share Posted March 31, 2008 Day 3: March 28th: Third Party appsAssuming the laptops are still standing, we will finally add some popular 3rd party client applications to the scope. Flash comes with Vista but not the lastest version which they were able to install on the third day. UPDATE http://www.roughlydrafted.com/2008/03/31/t...d-slander-oops/ Link to comment Share on other sites More sharing options...
InorganicMatter Posted March 31, 2008 Share Posted March 31, 2008 Leave it to Adobe to screw something up: http://www.theregister.co.uk/2008/03/29/ub..._left_standing/ Plenty of commentators have made hay of the MacBook Pro being the first to exit the race, and Linux zealots are sure to conclude the contest results prove the superiority of that platform. Maybe. But that's not how it looks to Macaulay, who says with a few hours of tweaking, his exploit will also work on OS X and Linux. So there's your precious Linux superiority. Link to comment Share on other sites More sharing options...
Forceman Posted March 31, 2008 Share Posted March 31, 2008 It was never about Linux being superior, it's just a contest for god sake to make the people aware of 0day exploits. Link to comment Share on other sites More sharing options...
the_mist Posted March 31, 2008 Share Posted March 31, 2008 I blame marketing for the hype surrounding SAFARI Your dead wrong. I blame Apple Trojan Horsing Safari as an "Apple's Update" when you and I know that's just plain wrong. Apple gets what it deserved for pulling such a shady move on end users. Now nobody will install Crapfari it's been exposed as trash code! P.S Forceman Your little Linux box was just as hackable as the Vista box. "Some of the show's 400 attendees had found bugs in the Linux operating system, she said, but many of them didn't want to put the work into developing the exploit code that would be required to win the contest." [who the hell would put the time into cracking a Linux box when you won't get the press. It's just as hackable as any code] http://www.cio.com/article/324313/With_Vis...Hacking_Contest Compared to the vast majority of users who use the Windows OS times the number of users who use OSX and Linux, Vista kicked ass. There's more instances of Windows code to be exploited however as the facts state Mac first, Vista second, Linunx last. It could have easily been Mac, Linux, Vista, it's just not worth cracking Linux like someone else said on this board. You spend your time researching and hacking the OS that millions of people use, not some open source beta product. Link to comment Share on other sites More sharing options...
Forceman Posted March 31, 2008 Share Posted March 31, 2008 Honestly, do you people even get the idea of the contest?, of course they can hack any one but with the rules as they were and time they didn't with Ubuntu. My Linux box, What, Linux has bugs?, OMG you've just broken my heart and dreams. It was all about 0day exploits as I've said all along not general hacking. Also what a bunch of idiots for passing up a Sony Vaio Laptop and $10,000/$5,000 then if they didn't want to put the time in. LOL, Opensource beta product eh?, tell that to Apple with 200mb patches and 50mb security patches. Link to comment Share on other sites More sharing options...
A Nonny Moose Posted March 31, 2008 Share Posted March 31, 2008 Mist just proved the entire point of "nobody wants to win a Linux box." Like it or not, nobody wants to win something they can already download and install for free, even with a cash prize thrown in. Link to comment Share on other sites More sharing options...
Forceman Posted April 1, 2008 Share Posted April 1, 2008 Then their ego's got the better of them, no very smart are they, besides it's NOT a "Linux box", you can install whatever you want on it because it's a Sony Vaio laptop which is more than lightly alot more powerful than a Macbook Air. Link to comment Share on other sites More sharing options...
A Nonny Moose Posted April 2, 2008 Share Posted April 2, 2008 In a way, I agree that their egos got the best of them. The prize though, was still bad compared to the Windows or OS X laptops, simply because you are forced to dip into the cash prize if you want something other than Linux on said box. Link to comment Share on other sites More sharing options...
Forceman Posted April 2, 2008 Share Posted April 2, 2008 Why on earth would a "Windows" laptop be better than the Linux laptop, that dont make sense. I dont see the big deal of doing all that for a macbook Air, you can buy 8 of them with $10,000 and for the price they are overrated. When it comes down to it they didn't hack the Linux box which in itself shows Linux is even safer, thats ok OS X will get hacked more now. Link to comment Share on other sites More sharing options...
Maxintosh Posted April 2, 2008 Share Posted April 2, 2008 if a hack requires the user to initiate it then that's just not a hack at all but just a script. ...and that's the bottom line. Well said! Link to comment Share on other sites More sharing options...
Forceman Posted April 2, 2008 Share Posted April 2, 2008 I'm sure you people check every link, I mean people who get done by online fraud or hacked like that are all a bunch of computer dumb morons right? Link to comment Share on other sites More sharing options...
Adrianr Posted April 2, 2008 Share Posted April 2, 2008 It's amazing anyone is assuming they were doing it for the prizes!!! They do it for the reputation! I'm sure they couldn't give two blinkin hoots about what laptop they won, i doubt they'de ever actually use it! Link to comment Share on other sites More sharing options...
apowerr Posted April 2, 2008 Share Posted April 2, 2008 Mist just proved the entire point of "nobody wants to win a Linux box." Like it or not, nobody wants to win something they can already download and install for free, even with a cash prize thrown in. That makes no sense. Regardless of the OS you still get a nice Sony laptop. You can install Windows, OSx86, or whatever you may please on it! Link to comment Share on other sites More sharing options...
A Nonny Moose Posted April 3, 2008 Share Posted April 3, 2008 If you're going to sell it, you need a significant investment, erei (installing Windows, since it will sell for more with Windows than with Linux). Mist proved from the conference notes themselves that nobody WANTED to win the Linux contest and thus get the Linux box. Link to comment Share on other sites More sharing options...
InorganicMatter Posted April 3, 2008 Share Posted April 3, 2008 I'm sure you people check every link, I mean people who get done by online fraud or hacked like that are all a bunch of computer dumb morons right? I do check every link. And yes, only dumb morons get hacked. You'd have to be a complete idiot to click a link like that, fall for any of the phishing scams, or let your computer. Mac OS X + Firefox + Linux firewall + ClamAV in Linux firewall + OpenDNS Phishing Protection = BULLETPROOF Link to comment Share on other sites More sharing options...
Recommended Posts