Follow TechBlips on Twitter
Pwn2Own 2009: Mac falls in seconds
Technology: Technology blog | guardian.co.uk —
... in about two minutes. This year, as he'd warned beforehand, he pwned a fully patched MacBook in a few seconds, by exploiting a security vulnerability in Apple's Safari browser, as Ryan Naraine reports at ZD Net. ...
Mac security researcher wins Pwn2Own contest
AppleInsider —
... compare similar code on each side (with Mac OS X inheriting the vulnerability counts in optional open source server programs, Java, and other components that are not considered on the Windows side), the real problem is active exploits. Mac OS X continues to have no real viruses, while Windows users continue to be plagued by viruses, adware, and other security problems. At the same time however, the tech media is promoting the CanSecWest event as a "security shootout," with at least one report noting that browsers on the Windows box were "still standing" after Miller ...
Safari hacked in seconds; IE8 & Firefox fall soon after
SlashGear —
... Security researcher Charlie Miller has shown how he can hack into a MacBook notebook in a matter of seconds, via a Safari exploit that currently remains unaddressed. The demonstration was part of Pwn2Own 2009, a competition in which hackers attempt to break various platforms in the fastest time possible, taking away both a prize fund (in Miller’s case $10,000) and the machine they hacked. ...
Internet Explorer 8 Hack Countdown! (too late)
The Next Web —
... how a hacker named Nils ‘performed a clean drive-by download attack against the world’s most widely used browser to take full control of a Sony Vaio machine running Windows 7′ at the CanSecWest Pwn2Own content. the same hacker also managed to hack into Safari and Firefox. ...
Explorer 8 Hack Countdown! (too late)
The Next Web —
... how a hacker named Nils ‘performed a clean drive-by download attack against the world’s most widely used browser to take full control of a Sony Vaio machine running Windows 7′ at the CanSecWest Pwn2Own content. the same hacker also managed to hack into Safari and Firefox. ...
MacBook Hacked in Seconds in Pwn2Own Contest
The Mac Observer —
... into a MacBook last year. According to ZDNet , Mr. Miller was able to breach the Mac's security with a remote attack that only required the MacBook user to click a specific link in the Safari Web browser. "It took couple of seconds," Mr. Miller said. Mr. Miller's exploit last year took advantage of a security flaw in the Safari Web browser, too. Another hacker going by the name "Nils" also executed a successful ...
Safari hacked in a flash at Pwn2Own 2009, Firefox and IE8 follow
Download Squad —
... Security pro Charlie Miller came in to Pwn2Own 2009 with a plan, and things unfolded exactly the way he wanted them to. Within seconds of the competition's start, he had already gained control over the fully-patched MacBook running Apple's Safari web browser. ...
5Words for March 19th, 2009
Technologizer —
... Like news? You’ll LOVE this!
Gizmodo tests WiMax, likes it.
Cisco flips for the Flip.
Hacker compromises Mac in seconds.
New features in Silverlight 3.
Sirius founder: Sirius is doomed.
New iPhone clues in beta?
Steve Ballmer’s still courting Yahoo.
Random rumor: OLED Macs, iPhones.
Dell’s Adamo notebook on sale.
iPhone tethering seems to work.
Sprint roadmap: Pre, other phones.
Mobile Firefox ...
Safari cracked in seconds, MacBook completely taken over in security contest
CrunchGear —
... contest. Safari was cracked first, within a few seconds, actually, while the other two took a little while longer to crack. And by “crack” we mean remotely exploit the browser, then use said browser to take over full control of the computer. ...
Safari successfully exploited in seconds in Pwn2Own contest
Infinite Loop —
... Putting his money where his mouth is, so to speak, security reseacher Charlie Miller exploited Safari in mere seconds to take control of a test MacBook in the Pwn2Own contest held during the CanSecWest security conference. In fact, he did so with a default configuration and all security updates applied. Microsoft's Internet Explorer 8 and Mozilla's Firefox 3 were also successfully exploited later in the afternoon. ...
There's a hole in Safari, dear Liza
The Unofficial Apple Weblog (TUAW) —
... and Safari falls... in a short time. Well, to be fair, Safari fell after 24 hours and "... a couple of seconds" give or take a few. On day two of the event the "attack surface" widens -- that is, hackers are given more ways to hijack the machine. In this case, it wound up being a hole in Safari. As the barrier was lowered, an email was sent to the judges, who clicked on it, and that link took them to a special page that exploited the vulnerability. The exploit was discovered by Dino Dai Zovi who, "wrote the exploit overnight in about 9 hours" as ...
No Such Thing As A Secure Browser
The Blade by Ron Schenone, MVP —
... successful exploit.
“Nils” also scored a clean hit against Apple’s Safari (he was the second hacker to exploit Safari) and, later in the afternoon, he exploited a Firefox zero-day flaw to claim the trifecta.
I seriously doubt any of us will see a secure browser or secure OS in our lifetimes. There are just way to many smart folks who can break into any software produced by man.
Comments welcome.
Source.
SMS could be a critical iPhone vulnerability, says white-hat hacker
Betanews —
... presentation in Singapore today, Mac security expert and Pwn2Own 2009 champ Charlie Miller discussed a vulnerability on the iPhone that allows remote code execution through SMS, which can tap into an iPhone's GPS or microphone, to divulge the phone owner's location or eavesdrop on them. Phones that have been compromised can also be used in a botnet or DDOS attack. ...
