PWN 2 OWN over: MacBook Air gets seized in 2 minutes flat
engadget.com — "And just think -- last year you were singing Dino Dai Zovi's praises for taking control of a MacBook Pro in nine whole hours. This year, the PWN 2 OWN hacking competition at CanSecWest was over nearly as quickly as it started, as famed iPhone hacker Charlie Miller showed the MacBook Air on display who its father really was.
- kiensoy, on 03/28/2008, -37/+50HackBook Air : Hackinnovation.
- iPhrankie, on 03/28/2008, -30/+45"The mystery crack by Charlie Miller was dependent on visiting a website containing malicious code. The exploit took just two minutes to surface at the start of the day, which also invited guests to hack Linux and Windows systems.
The exploit was presented on the second day of the three-day conference and appeared only once the competition eased rules, permitting hacks to require user actions rather than the strictly automatic hacks that were allowed the day before."
The sad truth is that any system is vulnerable if you can get the user to do your bidding. However, this fact will not prevent a flood of comments along the lines of - OMG Mac was PWNED! Take that Macboys
Windows users will conveniently forget about the Blaster worm that PWNED so many Windows boxes which did not require any user interaction.
- jeriqo, on 03/28/2008, -6/+30I don't get it.
"just two minutes to surface"
Leopard was out for a while, they could have tested it for months.
Of course, once it is found, an exploit only takes a few minutes to get executed.
- FutureGuy, on 03/28/2008, -2/+8Yes and Vista, Linux were just out yesterday and they didn't have any time to try to hack it.
- jeriqo, on 03/28/2008, -8/+1There are vulnerabilities found on vista and linux every week.
You just cannot use an already known vulnerability.
This contest is really dumb.
- Tippis, on 03/28/2008, -2/+22In this case, "doing your bidding" wasn't much, though – clicking a link is enough.
As for the Blaster worm, one of the main reasons it was so immensely successful (if you can call it that) was that the idiots at Microsoft hadn't turned the firewall on by default.
- lamiaconfitor, on 03/28/2008, -6/+15and the idiots who got it used microsoft products without getting a better firewall.
- gazzaDJ, on 03/28/2008, -8/+8Because adding 3rd party software with admin level access is excellent security practice.
- andycr512, on 03/28/2008, -5/+18In XP, it's an absolute nightmare to run software without admin access. Tons of apps stop working correctly, or so I've heard.
- Hortnon, on 03/28/2008, -13/+3"...or so I've heard."
- burrgrinder, on 03/28/2008, -10/+12"...or so I've heard."
Doublespeak for "I have no ***** clue about what I'm saying"
- gazzaDJ, on 03/28/2008, -1/+4It can be a bit a effort, yes. I really do not see the need to run a 3rd party firewall or an active AV personally.
- andycr512, on 03/28/2008, -0/+7Burrgrinder, Hortnon: No, I say that because I personally haven't tried. I have no access to XP at the moment, so I cannot test it myself, but have heard that very little works. Would you prefer I lie?
At any rate, feel free to try it yourself.
- cquinnd, on 03/28/2008, -0/+3Running most software on XP without admin level access is certainly possible, many corporate environments have done so for years. The concern is that the user accts are placed in groups and have group policy set to allow them standard access. 90+ percent of software runs fine from this context, the only things in general that the user cannot run are utilities like Defrag, which on XP need to be run exclusively with admin rights.
- specialK16, on 03/28/2008, -0/+2Vista has some thing called virtualization, for compatibility with legacy apps that require admin access to some folders and registry but without giving them actual admin access.
http://blogs.msdn.com/uac/archive/2006/02/22/53712 ...
http://www.dcr.net/~w-clayton/Vista/UAC/UAC_app_co ...
- AzMegladon, on 03/28/2008, -33/+7Hey mactard, if windows or linux went down first would u except any number of ***** excuses like the ones i am reading here? The answer is NO, U sound like FOX news :)
Obama=PC
Hillary=Mac
- kcdstudios, on 03/28/2008, -17/+9you are doing it wrong
Obama = Ubuntu
Hilary = Windows ME
Ron Paul/Jobs/Wozniak=OS X
- burrgrinder, on 03/28/2008, -2/+21You're all doing it wrong. Computers are not analogous to politicians.
- Nameless1, on 03/28/2008, -8/+6Oh yea? Well, your mom is not analogous to politicians.
um. YEA.
- specialK16, on 03/28/2008, -0/+2Well yeah, computers are cool, they do what we tell them to do, they almost always never argue with us, and most importantly, they are not lying son of a bitch thieves.
- airquotes, on 03/28/2008, -2/+4Mactard? What a lame thing to say. I just left a 3 year job supporting windows in an Engineering company, I am Linux certified, and I just started working at a creative company doing Mac support.. anyone who would use the term mactard is most likely an equal tard of whatever platform they use.. OS X, being fully unix compliant now, Is capable of being more secure when configured than windows.. it's just that out of the box, because there are less threats, out of the box the mac doesn't take as many default security measures, so this contest is really quite moot. That being said, I would try to hack the Mac because I would much rather own a Macintosh (as in own one for my personal use) than i would a windows or ubuntu box. Maybe he could've easily hacked the vista box, but who really wants vista? not me.
- FutureGuy, on 03/28/2008, -8/+11You do have to accept the fact that even after they relaxed the rules Vista and Linux stood for the rest of the day, Mac got hacked in 120 seconds.
Next time Apple airs one of those Mac Vs PC ads I will have a good laugh, the Mac guy better be coughing this time.
- Spuy767, on 03/28/2008, -6/+9The mac wasn't /hacked/ in 120 seconds. The author had likely been sitting on the hack for months waiting on the competition. It's fairly common practice, and I know a few friends who went to the conference with plans like that.
- FutureGuy, on 03/28/2008, -2/+9ha yes, and none of the hackers could find a Vista or Linux machine to try to hack them before the conference.
- heystoopid, on 03/29/2008, -0/+3Have you not forgotten the recent security updates were installed as well , plus a whole lot of other usual applications , many of whom have their own separate suit of security vulnerabilities !
- jub0r, on 03/28/2008, -5/+5To be fair, everyone probably wanted to "pwn and own" the Macbook Air rather than the somewhat pedestrian Vista and Ubuntu PCs.
- airquotes, on 03/28/2008, -3/+3that is exactly my thinking. exactly..the problem with these digg "debates" about which platform is the best, is that there are 3 people who actually know what they are talking about, and then 2000 people who saw a mac, or linux box, and have no idea how to really truly use them. I have certifications/ professional experience on all 3 platforms, and I like XP, don't like Vista much, and love Mac. But the sour taste from Microsoft comes from their shameless attempts to steal ideas from the Mac world, and their suppressive FUD tactics to hurt mac and linux, MS is not only *****, it's also a pretty uncool company.
- heystoopid, on 03/29/2008, -1/+1Why it is not upgradeable in either memory or hard drive like the other notebooks and the battery is a right royal pain to change every twelve months or so (19 screws to remove and replace with 10 off vertical too , one could call that a not very user friendly interaction in comparison to the less then 30 seconds on the other two machines!) !
- slvrbullet87, on 03/28/2008, -14/+3that is iHackBook Air... every apple product has an i before it
- forgiste, on 03/28/2008, -0/+1no, it doesn't.
- GliTCH82, on 03/28/2008, -15/+9Take that, Mac fanboys. Not even Vista's that bad!
- badjoke, on 03/28/2008, -3/+5Erm. You sure?
- specialK16, on 03/28/2008, -3/+4are YOU sure? try SP1 and send me a shout so we can discuss again, ok?
- FutureGuy, on 03/28/2008, -0/+6But it does fit in a Manila envelope ;0
- heystoopid, on 03/29/2008, -0/+2Just like a cheaper Toshiba Portege as well !
- SeanRoss, on 03/28/2008, -25/+140He hacked it in as much time as most computers take to boot up, wow...
- Lounger540, on 03/28/2008, -55/+18You do understand that he used a hack that he already developed, probably taking hundreds of hours, and simply browsed to the website hosting the exploit. Also note, that if it was a remote exploit on webkit it's likely to exist on other platforms and browsers too, but you were more interested in the coolness of a second comment then actually understanding what's going on, weren't you.
- SeanRoss, on 03/28/2008, -11/+41I fully realize that the exploit already existed before he even stepped foot into the contest. But nice try
I see what ya did there ;)
- employeeno5, on 03/28/2008, -3/+7It was his own previously developed exploit that he browsed to. So even if it was just browsed to for speeds sake, it was still he who had put in that "hundreds of hours" of work previously. Also, you seem to feel that the commenter spoke poorly of the mac because you were sure to insist that it is most likely a cross platform exploit, when really all the comment was referencing was this guy's impressive speed. Why shouldn't this kid be recognized for his skills? What's so horrible here? He won it fair and square.
- FutureGuy, on 03/28/2008, -1/+8I am betting that a lot of hackers also spent hundreds of hour trying to hack Vista and Linux prior to the contest without success.
- BEDrocko, on 03/28/2008, -2/+3I'm surprised nobody here's considered the fact that because of the large marketshare of windows all of the industry resources on exploit r&d go towards that operating system. It shouldn't be a surprise that it's harder to find an unpublished exploit on a Vista box.
That being said, the Mac still has a lot of vulnerabilities unknown to the public but until its marketshare increases significantly it won't matter to the millions connected to the internetz with all those series of tubes.
P.S. smart porn browsers still use macs...
- astrosmash, on 03/28/2008, -9/+29I guess he wanted that MacBook Air real bad.
- badjoke, on 03/28/2008, -6/+10He can take the stupid thing.
- damonic, on 03/28/2008, -15/+14"He hacked it in as much time as most computers take to boot up, wow..."
...On the second day of the competition. And only after they relaxed the rules.
- FutureGuy, on 03/28/2008, -6/+19yes and both Vista and Linux stood for the rest of the day after the rules were relaxed, Mac stood for a whole 120 seconds.
- fiveonefive9, on 03/28/2008, -5/+3as much as i wanted to digg your comment i just had to digg the one after yours first
- sixela, on 03/28/2008, -98/+379Eat it macboys.
- Dominicc2003, on 03/28/2008, -46/+40Exactly!
It just goes to show, if someone could be bothered to put their mind to making viruses for a mac, windows and mac would be the same security-wise.
- Philluminati, on 03/28/2008, -18/+30The exploit worked by having a user click a link. Therefore people have to be duped or rick rolled. A virus can't spread this way so you're wrong. This doesn't bring a threat of a mac based virus outbreak.
- pensivewombat, on 03/28/2008, -12/+40Yeah cause people never, you know, click links.
- BryanJK, on 03/28/2008, -7/+5Mac OS runs on a Unix backbone, it is more secure in many ways... such as giving applications a secure sandbox to run it, which restricts viruses from being as deadly in windows... which means they can't just go and replace system files/delete/ect anything that would disrupt the system, and if they need too you'll have to enter your root password
- Rikm, on 03/28/2008, -4/+7@BryanJK (can't see reply link)
Congratulations! You have pass computer security 101. Now you can move on to Computer Security 102 where you will learn all about privilege escalation.
- Sidzilla, on 03/28/2008, -1/+2I am digging up your comment for two reasons. 1- you are right. 2- pensivewombat is a cool username.
- SNIPE07, on 03/28/2008, -2/+2@BryanJK
I'm pretty sure a security system like that has been implemented into Windows operating systems since..... XP?
- BingoPower, on 03/28/2008, -8/+11all it takes is 1 person to get duped... once the virus is on the machine, it can then move about in far more interesting ways.
- Philluminati, on 03/28/2008, -5/+4how will it spread to the second machine?
- Rikm, on 03/28/2008, -1/+3@ Philluminati (can't see reply link)
Send email to everyone one your address book, "Hey check out these pics from last weekend. Ha!"
Send IM to all you contacts...
Won't get everyone but would be enough to keep going. 1 system -> 2 systems -> 4 -> 8 -> 16 -> 32 -> 64 -> 128...
You've heard of exponential growth?
- Varz, on 03/28/2008, -3/+32Yeah and most Windows viruses work that way too.
- renegadeafk, on 03/28/2008, -15/+4http://youtube.com/watch?v=eBGIQ7ZuuiU
- Kauzman01, on 03/28/2008, -4/+12Oh come on... if you're gonna try to rickroll someone, you probably should put more effort into it than that. I mean, seriously, there's no way that any youtube video randomly posted without explanation could be REMOTELY related to anything in this thread besides the passing comment about rickrolling.
You seriously need to up your game.
- bradleyland, on 03/28/2008, -0/+8Not to mention, he used uuiU.
- selrahc, on 03/28/2008, -2/+1Uh, he was making a pretty good point there in response to Philluminati. How many times have you been rickrolled before you memorized the link? It's not that hard to trick people into clicking on links. Therefore this exploit is not invalidated by needing someone to click on a link first.
- bbardlbradd, on 03/28/2008, -0/+10Never gunna give uuiU up,
Never gunna let uuiU down,
Never gunna run around and desert uuiU!
- lukas88, on 03/28/2008, -1/+1It is surprising how few people understand that logic.
It is like saying the reason why more people pirate episodes of The Office instead of Dr. Phil is because the security is worse.
Hint: ~5% market share is not enough motivation for most hackers.
- fremeer, on 03/28/2008, -19/+56hacking and virus's are different. Generally Unix which mac is based on is very secure and you would find it pretty difficult to really write any major virus' for it. It would be easier aiming for quicktime, safari , itunes etc since they are less secure.
- CrazyZ, on 03/28/2008, -6/+35Um, isn't that exactly what most PC viruses etc. do? If it wasn't for IE PC wouldn't have two thirds the issues.......
- Ranneko, on 03/28/2008, -2/+21Which is how this exploit apparently works.
None of the machines were hacked during the pure remote network access stage, which is the only stage that is unlikely to involve app vulnerabilities much.
- killtherebel, on 03/28/2008, -6/+4I'd rather get a virus than get hacked.
- ShiftyMcCan, on 03/28/2008, -0/+8That can be arranged
- daborg, on 03/28/2008, -0/+4There's really no difference. What you mean is that you'd rather have a virus that doesn't do anything malicious.
- jakobmakob, on 03/28/2008, -3/+2Virus's what?
- ifknot, on 03/28/2008, -24/+47RTFA! Dominicc2003 is wrong. He didn't hack the Mac Book Air (It wasn't a hardware hack) he didn't hack Leopard (it wasn't an OS hack) he hacked Safari - he used a new but known exploit of a weakness in Safari and only when user interaction was allowed. Embarrassing for Apple - yes, the end of the world as we know it - no.
- TnTBass, on 03/28/2008, -3/+7Not to mention this exploit will be fixed pretty damn quick, especially now that it has gained such popularity due to this story.
- Spuy767, on 03/28/2008, -2/+3Was it even the latest build of Safari? It may already be fixed.
- Latentsage, on 03/28/2008, -1/+1Who uses Safari in the first place?
- FutureGuy, on 03/28/2008, -1/+3Not really. Even if you get through IE on Vista because IE runs in what is called a "protected mode", which is a feature of the OS, the process is isolated such that you will not get past the it to get to anything else for a hack to be successful. Hacking Vista through IE running in protected mode would be quite tough.
- jparkinson, on 03/28/2008, -23/+15Oh damn, macs have been hacked what....twice now? and your precious PC's have been bent over the table for years.... get over it.
- Monk22, on 03/28/2008, -3/+11no one bothers hacking macs since nothing important is stored on them
- betterth, on 03/28/2008, -0/+8And yet, Vista STILL has not been hacked at the competition.
Not saying Vista is better, but every team was given the chance to use any platform they desire to hack. No OS fell at the OS level, but on day two, when pre-installed programs were included, ONLY Mac OSX fell. Vista and Linux stood.
- TnTBass, on 03/28/2008, -13/+13Well, the real news is that no one actually wanted the Vista machine, so everyone attempted to hack the Mac instead.
- cquinnd, on 03/28/2008, -2/+8Sorry, that comment makes no sense. There was a prize of $10,000 dollars on the line, plus winning the comp that got exploited. Any hacker who knew he could PWN the Vista box would have the motivation of cash in the pocket, plus a new laptop that they could choose to wipe and install whatever OS they wanted onto it. Plus street cred.
- TnTBass, on 03/28/2008, -1/+2lol, well, it makes sense when you take it as the joke it is. Besides, there really isn't any street cred in hacking Microsoft anymore, but there is when you hack a Mac. On top of that, he used a known exploit to perform the hack. Perhaps he was after the easy money, AND the Macbook Air?
Regardless, I'm still laughing at the comments for this article. So many Mac fanboys defending their most precious OS, and so many Microsoft fanboys ready to defend any comments saying that Windows isn't any better. I mean, take for example the post by "FutureGuy" below. I think I hurt him deeply with my comment.
- FutureGuy, on 03/28/2008, -0/+2this is a opening for you at Fox news, go to www.foxnews.com to apply.
- TnTBass, on 03/28/2008, -1/+1Sweet, thanks!
- skeletorcares, on 03/28/2008, -18/+9Someone get on making a mac virus already. Let them taste it. See how they have just been lucky that they have been on an unpopular computer and virii people didn't care about their sub 5% marketshare. Let them see that their computers are not made better, just marketed better. It's time to knock the growing douchebag population back down a rung. I can't wait to see them try to fix a broken mac. THIS IS GONNA BE GREAT! NA-NA-NA-NA-HEY-HEY-HEY--GOODBYE
- dcollins, on 03/28/2008, -2/+10If its as easy as you say, why don't you make one?
- usingpond, on 03/28/2008, -5/+14PROTIP: Macs are at 14% share. No virii yet.
- skeletorcares, on 03/28/2008, -4/+6Of internet users (the only one thats matter)
February 2008
WinXP W2000 Win98 Vista W2003 Linux Mac
72.3% 4.0% 1.0% 7.6% 1.8% 3.8% 4.3%
Down .1% from January. Only 10% off, nice try.
-W3
- usingpond, on 03/28/2008, -6/+4http://www.appleinsider.com/articles/08/03/17/appl ...
shut the ***** up
- skeletorcares, on 03/28/2008, -4/+5I'm glad you found a nice unbiased source like apple insider. Blinded by your own ignorance.
- usingpond, on 03/28/2008, -2/+3If you had the intellectual capacity you would actually read the data in the article, and who the source is. Don't they teach you anything in 8th grade English?
- skeletorcares, on 03/28/2008, -2/+1If you had gotten there, college teaches you to determine the creditability of the source. From previous misleading stories, i do not trust appleinsider, but upon your misguided attempt at arguing, I will humor you.
In your article, "[...]according to market research firm NPD." The Honomichl (a ranking report for marketers), NPD ranked 14th in 2005, 2006 and 2007, YAY! Whereas, the W3 is the leading authority on everything internet (leading means they aren't behind 13 others).
So before you go throwing around your super cool jr high logic at me. Just a warning that i've been to college.
- usingpond, on 03/28/2008, -1/+2I'm really impressed that you've made it to college, but we aren't arguing about the ***** Internet. If you want to argue market share, let's do that. But if you want to argue simple data (that has no context or relevant metadata) from W3 that's pretty useless and doesn't really tell anyone anything.
My link was about market share, bottom line. Yours was about browsers.
- Monk22, on 03/28/2008, -4/+3PROTIP: being proud of less than 15% of the market after 30 years is laughable at best.
- skeletorcares, on 03/28/2008, -6/+4Vista is gaining in popularity faster than OSX. Fact.
- usingpond, on 03/28/2008, -3/+3Great job guys, neither of you understands that popularity != worthiness. Do you think George W. Bush was an excellent candidate for US President too? I mean he was voted in, right? So he must be better. FACT.
Furthermore, users of OS X really don't give a ***** about market share to be honest. That's something that Windows nerds, furious at the prospect that their intricate knowledge of computers compared to their parents' might be threatened, tout as a reason that it sucks. Pretty pathetic, at least come up with a real reason.
- usingpond, on 03/28/2008, -2/+2Also: Front page on Digg.
http://news.yahoo.com/s/macworld/20080327/tc_macwo ...
owned
- digitalpencil, on 03/28/2008, -2/+7yup, people have been saying this for years and can you imagine the kudos a coder would receive if they actually manages to write the first, successful mac virus? it's right to say that most virus writers focus on the pc market but don't think that there haven't been plenty attempting to write one for mac, to stick it to the fanbois once and for all but guess what.. 0 so far!
- skeletorcares, on 03/28/2008, -6/+3Your hubris will be your downfall. (and @usingpond: 14% ahahahhahaha, i don't hold it against you though, math and logic have never been a strong trait of mac users)
- Louis11, on 03/28/2008, -2/+5First of all, our computers are made better. Its the basic architecture of the Unix system that makes it inherently more secure than Windows. Second, as already mentioned, we hold a fair share of the market . . . or at the very least a much more substantial market share than you mentioned.
That isn't to say that Macs are impenetrable, (I believe their are BOF out for OS X . . . which in theory could provide the basis for a virus), however the likeliness of it propagating as quickly and unbounded as it does across Windows PC's is extremely unlikely.
BTW: Virrii is so 90s.
- skeletorcares, on 03/28/2008, -5/+2our computers? you're part of the growing elitist douche population i mentioned.
- mbthompson, on 03/28/2008, -3/+2Hit the nail right on the head.
- usingpond, on 03/28/2008, -15/+11One isolated hack versus a decade of nonstop hackage. I'm eating it up and ***** loving it.
- FutureGuy, on 03/28/2008, -2/+4I think you missed the part that Vista and Linux stood for the whole day without getting hacked, that's a little longer then 120 seconds.
- jonmlm, on 03/28/2008, -0/+2ok
- insomniac8400, on 03/28/2008, -3/+4Isolated hack? This is a browser hack, it could be easily used to exploit any mac out there where people use safari. And to say windows is hacked more is ridiculous. OSX has way more flaws. And on top of that windows was historically only vulnerable because it didn't have a firewall on by default. It enabled virii to spread automatically.
- usingpond, on 03/28/2008, -1/+4What flaws does OS X have besides a terrible FTP?
- senatorkevin, on 03/28/2008, -109/+22Odds of this story making it to the front page .01%
- makkaveli19, on 03/28/2008, -1/+16well *****, i guess the odds of me getting laid is even lower than that because it made it to the front page.
- dojonz, on 03/28/2008, -1/+55I do not suggest you ever visit Las Vegas.
- senatorkevin, on 03/28/2008, -0/+1You obviously missed my joke.
- dru171, on 03/28/2008, -0/+19Odds of a digger making a fool of himself on the front page: 100%
- codered1322, on 03/28/2008, -0/+10You suck at predictions.
- unitedatheism, on 03/28/2008, -1/+2odds are that you will have -100 diggs before the end of the day...
- senatorkevin, on 03/28/2008, -0/+2Looks like I'm on pace! I'm shocked this story hasn't been buried or deleted yet.
- TyAbele, on 03/28/2008, -29/+7FTA "He was the first contestant to attempt an attack on any of the systems." Thats kind of biased isn't it? But then again 2 minutes is awfully pathetic.
- r3zonance, on 03/28/2008, -5/+16Not really when you see the rules of the competition. Day 1 - Remote Hacking Only. Day 2 - You can direct the computers to visit web-sites/open an e-mail etc.
Basically, it wasn't really worth trying on Day 1, especially at the MacBook.
Don't forget you used to be able to pwn a Windows XP box with NO user-interaction in less than two minutes.
- GawtMilk, on 03/28/2008, -4/+13Yeah, then XP started to ship with the firewall turned on, ala OSX Leopard [an operating system six years newer than XP], and the problem was fixed. The same thing can be accomplished on almost any computer if the firewall is turned off.
- sancho, on 03/28/2008, -3/+2"The same thing can be accomplished on almost any computer if the firewall is turned off."
Only, no, not really. Maybe any computer running services. The reason that Windows was so vulnerable in those days was because it had many services facing the external network on by default.
For OS X, the only on-by-default service is NTP (and I've never understood why that's the case.) A firewall isn't necessary if you don't have services listening. Most Ubuntu installs don't have any services listening (last I checked.)
- unitedatheism, on 03/28/2008, -1/+2Windows doesn't have like 10 or 20 services listening by default, don't be silly
I mean, it does have default network services (as macbook does), and some were exploitable (remember that's an aged and much well known operating system) but it's not like that, I know, you know, so why did you said that?
- clak, on 03/28/2008, -78/+23Notice, no one was able to hack the Mac remotely. This guy had to direct someone to a site that ran his illicit code. Not quite as seriously as the article suggests.
- Chrysaor, on 03/28/2008, -11/+78No one was able to hack Vista and Ubuntu remotely as well, its not Mac only.
- FutureGuy, on 03/28/2008, -4/+7The last I checked no one was able to hack Vista and Ubuntu yet even with websites and emails. Mac are superior has a whole new meaning now.
- jaydj, on 03/28/2008, -12/+42Yeah! Who wants to surf the web anyway? If you actually use your computer, you deserve to get hacked. [/sarcasm]
- RetepNamenots, on 03/28/2008, -6/+24Nobody was able to hack the other two, at all...
- Spuy767, on 03/28/2008, -10/+5Nobody tried.
- RetepNamenots, on 03/28/2008, -1/+2I forgot, it was just the one hacker wasn't it.
- shaun1018, on 03/28/2008, -3/+2You are an idiot.
- ariez84, on 03/28/2008, -51/+117This is pretty ***** sweet. Now someone need to parody the ***** out of those Macads.
- GawtMilk, on 03/28/2008, -10/+21Or crack Vista so that the old ads actually have *SOME* substance, rather than comparing an operating system released in 2007 with one released in 2001.
- zongamin, on 03/28/2008, -28/+8Except that there still are NO viruses for OS X you cretin
- slickto, on 03/28/2008, -3/+10Wrong again Einstein - Who needs viruses when you can pwn the whole system - This is way worse than a virus
- cquinnd, on 03/28/2008, -0/+5http://www.sophos.com/pressoffice/news/articles/20 ...
Not nearly as many, or as easy to propagate as on Windows systems, but there are viruses and attempts to exploit OS X out there too.
- fludgesickles, on 03/28/2008, -4/+18gotta love advertising @ the wrong time
http://i27.tinypic.com/fan6o3.jpg
- FutureGuy, on 03/28/2008, -0/+1this deserves its own digg.
- Jaliyl, on 03/28/2008, -0/+6It's been done MANY times. Try youtube.
- unitedatheism, on 03/28/2008, -2/+1[fat quite old executive] I'm a Windows
[cool looking web-designer lookalike guy] I'm pwned
- liuping, on 03/28/2008, -39/+171He obviously figured out his hack ahead of time. It took him two minutes to "direct" safari to his already existing hack (must be a long url?) on his website. Who knows how long it took him to write the actual hack...
- Aeuta, on 03/28/2008, -3/+37They had no physical access, someone else had to open an email...
- banmaster, on 03/28/2008, -32/+115What a stupid apple apologist!
He obviously doesn't know that most PCs are 'hacked' this way, by directing the ignorant user to a compromised site. Mac users are even more ignorant and happily wrapped up in their false sense of security (coz, like, macs can't be hacked or catch viruses).
- PocchieTheMan, on 03/28/2008, -11/+32Ain't that the ***** truth. I had one woman tell me her GodMac could survive a lightning strike. She was dead ***** serious.
- persept, on 03/28/2008, -2/+9I wish my mac could survive a lightning strike.
- Tippis, on 03/28/2008, -0/+4Pff... Silly super heroes.
Your income is fine - get back to work you lazy bums!
- badjoke, on 03/28/2008, -5/+2It's not like mac users really need to be afraid of this one hack out there, so it's not really a false sense of security. Truth be told, this one hack isn't even in the wild, so there really is no need to be afraid.
- Scynet, on 03/28/2008, -17/+89The same applied to other systems, Vista and Ubuntu. Doesn't matter how you try to twist it, Mac was breached pathetically fast.
- estvir, on 03/28/2008, -31/+5Have the other 2 been breached yet? With how [apparently] pathetic Vista's security is (Despite the complete lack of remote flaws, etc, IIRC) I would expect it to be hacked first and 10x faster than the other 2 systems.
- Rikm, on 03/28/2008, -3/+32You can expect what you want, but the Vista and Ubuntu systems are still going.
http://dvlabs.tippingpoint.com/blog/2008/03/27/day ...
"We'll update this blog posting in the event another winner emerges today for the Vista or Ubuntu laptops that remain standing. Stay tuned..."
- Philluminati, on 03/28/2008, -22/+4please god let Vista lose.
- grumpyrain, on 03/28/2008, -1/+14Why would you want Vista to lose? I don't want Vista to lose. I don't want Ubuntu to lose. I didn't even want Leopard to lose. The more secure these OSes become, viruses, worms, DDOS and spam will become less of an issue.
- Syphon8, on 03/28/2008, -1/+15Sorry Phil, Mac already lost.
- estvir, on 03/29/2008, -1/+1Wow, you actually thought I was being serious? Really?
- cquinnd, on 03/28/2008, -0/+3estvir, you should know by now that most Diggers don't get sarcasm in text posts.
- estvir, on 03/29/2008, -0/+2For some reason I had a glimmer of hope, but alas, it was crushed by an iron fist of mindless Digg users.
- bradleyland, on 03/28/2008, -3/+11The "speed" of this type of attack isn't really relevant. The speed in which an attack is perpetrated is only relevant when attacking a remote system with an unknown set of services or entry points. Say you're determined to get into a server. You would sit down and start scanning for services to attack, then you use your extensive experience and knowledge of exploits to attempt attacks against each of those exploits. That takes time.
In the case of the attack mentioned in the article, the user visited a web page. There's no valid frame of reference for this type of attack? How long did the author spend searching for the vulnerability in Safari? Then, you'd need another frame of reference. How long does it typically take for someone to find a vulnerability in an application?
The time it took is really irrelevant.
- bradleyland, on 03/28/2008, -2/+5If you're going to digg down, at least offer a rebuttal. I'm not downplaying the attack, I'm just confused as to why everyone is so focused on the time it took? My opinion is that most of the people that are touting the time it took don't really understand what is happening here, so I offered an explanation.
- cquinnd, on 03/28/2008, -0/+1You make a valid point, but if this was an actual exploit in the wild, instead of a technical demonstration from a "White Hat" - then all the news services would be harping on how quick the exploit is capable of gaining access to a system. People have gotten trained on the idea that the time an exploit can be carried out relates to how severe it can be in the real world, which is not always the case.
- Latentsage, on 03/28/2008, -0/+2ok, forget the time. It was still broken.
Admittedly, people are making a bigger deal of this than it is. It was only a browser exploit. The mac does a good job at security. However, I've never gotten a virus on any of my xp installs either. I'm sure you could exploit any operating system with direct interaction with it.
It shouldn't matter what os we run.
- bradleyland, on 03/28/2008, -0/+1It _is_ a big deal. I stated in my follow up that I'm not trying to downplay a remote code execution exploit, which happens to fall in the highest category of severity as far as exploits go. I'm confused as to why the time matters.
* Compose email
* Send
* Recipient opens email
* Safari launches
* Safari gets owned
The actual infection occurs in a matter of moments. ZOMG!!! Sploit in milliseconds!!!
- wabbiteh, on 03/29/2008, -0/+1It matters because the time and effort required to find and exploit a vulnerability is in many ways a better measure of the security of a system than the actual amount of time required to exploit each individual computer.
- username7D8, on 03/28/2008, -8/+10dude you're right, if he hacked in w/o previous work then that would be impressive. It's totally twisted!
- Armitage2k, on 03/28/2008, -13/+4He used a crossover cable to his own Mac, where the exploit was.. I could have used a crossover to a car battery, and fried the sucker.. and won 10 grand!
- familynight, on 03/28/2008, -1/+11shut up, please.
- joeanon, on 03/28/2008, -0/+16Most good hacks are planned ahead of time.
It's not like the movies where they put on their virtual reality eye piece and hack through an SGI scene of 3D binary numbers.
You research current exploits and then you PERFECT the code to run the exploit and go from there potentially crashing, taking control or planting a trojan.
Even when hackers HACK, most of the time they are either using known exploits or known weak points in IT defenses or OS defenses.
In fact, pretty much anyone good at anything practices and plans and plans and practices. Even sports nerds practice practice practice and that, in effect, is coding different uses of exploits or even looking for new exploits.
Hacking a system by finding new exploits is probably pretty rare. You would usually be testing for exploits on a test system on your own LAN or virtual machine.
Obviously the most reliable weak spot in IT is the user. You can hack most any place by doing old-fashioned detective work easier than penetrating the network. Many security places will target users and either obtain info from them indirectly such as hacking their home system or just watching them OR give away free CDs or free USB keys outside the business knowing their employees will be most likely to use them either at work or home.
I'm sure this exploit won't be hard to fix. Mac is built on BSD and it's hard to say, even with Apple's code, that it's an insecure OS. It's not built around security, but neither is Linux or Windows. They all allow privilege elevation. So that means you're typing your admin password in as much as humanly possible or you allow more root commands to users.
The plain old detective work makes entering the admin password all the time a major risk to full-blown security. However, overall the PC security market has bigger problems, such as hacking encryption at the hardware level and the overall mystery of how to trust anything a client sends you basically as not being forged. Most firewalls are just not up to the task either, but WHY bother when the user is SO STUPID.
Have a revolving encryption all you want, but if someone compromises a client with a physical attack, it's all for naught and that's usually the easiest attack. You can use all types of simple ways to con your way into a business, slip a USB key in somewhere or just pay an employee a small bribe.
We've definitely got too much focus on the technological side of security while users continue to be the weak point.
- Latentsage, on 03/28/2008, -0/+1I would like to thank you for an actual logical post.
- BeeArePro, on 03/28/2008, -2/+1TL;DR
- homercles337, on 03/28/2008, -0/+1Do you even know the difference between a hacker and a cracker? Is HACK an acronym to you or something? FTR, i hack all day during the week, but i have never cracked anything.
- mwalker05, on 03/28/2008, -0/+6so you are saying it's not fair because he cheated by using safari?
- misfit410, on 03/28/2008, -0/+4http://gizmodo.com/gadgets/bursting-your-bubble/ma ... you lose
- daizaru, on 03/28/2008, -0/+3I think that was the point. First person to exploit the unbreakable defense of a Mac. If they had to start from scratch people probably would have been pretty bored for a few days.
- unitedatheism, on 03/28/2008, -0/+2So you mean that since the exploit is available to any system running safari (and what systems come with safari pre-installed?) it's not apple's fault?
The other curious thing is that apple handles quite little part of its operating system, security is mostly BSD-taken, and which code they flaw??
- sgmbest12321, on 03/28/2008, -37/+8so much for "the most secure and advanced operating system"
but in all fairness, this really isn't that fair to say it takes 2 min to hack a mac. he was working on it for at least a few weeks beforehand so all this is saying is there are exploits out there for a mac.
ps imagine if he was the first to go how many other exploits there could be
- Rikm, on 03/28/2008, -3/+40Apparently he wrote the exploit overnight:
http://securitywatch.eweek.com/apple/mac_hacked_vi ...
And the length of time the exploit took to develop is irrelevant anyway. If your system gets hacked, are you going to care if it took 2 mins or 2 years to develop the code? You're pwned either way. As it stands now, every MacBook Air (and presumably any other OS X system) can be hacked by this code.
Equally people have had the option to similarly work on Ubuntu and Vista exploits for the past few weeks, and yet neither of these systems have been hacked in the contest so far. You're just grasping at straws now. Face it, the MacBook was not invulnerable to hacking and was hacked first. Granted, this was possibly because the Air was the most desirable prize and so put it under unfair focus compared to the other two systems.
But if you are going to make that argument then you have to accept that in the real world, Windows' much larger market share puts it under higher levels of attack than OS X and Linux which is partly why its security is breached so often.
- persept, on 03/28/2008, -3/+2What the article doesn't say is how much control he had over the other computer though
- bradleyland, on 03/28/2008, -0/+9He tricked a user in to clicking a link. It's not that hard.
http://www.youtube.com/watch?v=oHg5SJYRHA0
- GliTCH82, on 03/28/2008, -0/+4Probably enough to make most Apple users ***** their pants if it ever got out in the wild.
- Rikm, on 03/28/2008, -0/+4The article says exactly how much control he had over the system, or at least how much was needed to execute the exploit:
"Macaulay pwned the Mac by sending it an e-mail that directed a user to a malicious site. Upon visiting the site, the user—a CanSecWest organizer perched on the machine to protect it from physical assault—was infected with malware, without clicking on anything within the site."
You can also look up the competition rules but basically:
All three systems were configured with default settings and software.
Direct access via crossover cable was available (but not used in this case)
Hackers were not allowed to touch the machine physically, but a user was operating the systems and would open emails and visit web pages as instructed.
- DiggLive, on 03/28/2008, -74/+226In come the Apple apologists that say Macs are perfect bug-free machines that can't be compromised.
- robbh66, on 03/28/2008, -64/+26In come the Microsoft zealots who finally have something, albeit rather insignificant, to rally around and beat their chests about.
- sirbeta, on 03/28/2008, -12/+28They've had stuff for a long time, you mac guys just strike it from your mind as if it never existed. Believe me, this will be a simple fairy tale to you guys in a matter of weeks.
- astrosmash, on 03/28/2008, -45/+19Don't worry, the masturbating Apple-haters are drowning them out big time.
- BingoPower, on 03/28/2008, -9/+7Apple users don't masturbate? Or are you implying that apple users have consensual sexual relationships whilst apple-haters are basement-dwelling wankers?
- Masna, on 03/28/2008, -7/+9who ever said macs are perfect and bug-free? this annoys me so much. macs are great, great machines. but no, not perfect. but any one who has one realizes how solid os x really is. and even more so if you're a dev. don't you think there's a reason that all these fanboys and enthusiasts exist. honestly, just shut up.
- astrosmash, on 03/28/2008, -11/+6No, I'm simply pointing out that the Apple-haters get a little too excited over stories like this.
And by a little too excited I mean: "Eat it macboys. fap fap fap."
- Monk22, on 03/28/2008, -2/+5you're right, we get too excited even though every time Steve jobs farts there are 12 articles on the front page with frothing commentary about how awesome it was.
- cerealjynx, on 03/28/2008, -0/+1Dunno about you guys but I sure as hell macsturbate
- FilliSfandal, on 03/28/2008, -31/+6So Microsoft tools/users are all parrots with nothing relevant to say. How about saying something that will show that your iq is at least above 50. Shut the ***** up please, idiot.
Stupid people should not be allowed access to the internet.
(note: I use XP myself)
- DiggLive, on 03/28/2008, -10/+6You're right, Mac users shouldn't have internet.
- MacParrot, on 03/28/2008, -4/+11You missed his point (unsurprisingly). He meant have something to say about the article instead of the typical crowing about a flaw that all three sides' zealots (Linux, Mac, Windows) do and is so played out. It works like this:
"Hopefully Apple is paying attention to this obvious flaw in their OS and will get it fixed soon. Mac users, just because you've been safe in the past don't assume you're invulnerable. Every OS has potential flaws and exploits."
See? I managed to talk about the subject without gloating or bringing up past crap that is irrelevant about Windows in this post.
- rimantas, on 03/28/2008, -24/+6Uhm, where did Apple "apologists" say that?
And by the way, how many viruses for OS X are there in the wild? 6% of those of Win, or? ZERO?
- Orion682, on 03/28/2008, -3/+9http://en.wikipedia.org/wiki/OS_market_share
What's the market share for Mac OS X? Like 5%?
Understand something, Windows is not a great operating system. Far from it. But if you think that's the ONLY reason it gets loads of viruses and spamware, then you're a complete ***** idiot. It's because it's an established platform that currently dominates the market, and is the largest target. Macs, at the moment, can't even get NEGATIVE attention, in a sense. Wait until the market share begins rising above 10% and climbs. The higher it gets, the more issues we'll see.
The only difference is that Mac users are deluded into thinking they're secure.
No system is secure unless it is standalone, end of story.
- postalblowfish7, on 03/28/2008, -5/+20Dude it's just a computer.
- evanbooth, on 03/28/2008, -3/+6I suppose that if OS X asked its users to allow or deny every single POSSIBLY dangerous action we performed, it would probably be more secure. I'd just as soon not be bothered.
- Louis11, on 03/28/2008, -4/+4You know I thought that commercial was an extreme dramatization of what Vista really was.
Then I tried it . . .
Thank god you can turn it off. But still not good enough for me: Vista blows.
- ProfessorFoo, on 03/28/2008, -2/+2Control panel -> Accounts -> Disable UAC
There, no more confirmation pop-ups.
- soopafly, on 03/28/2008, -3/+12And people thought Mac users were smug.
- digitalpencil, on 03/28/2008, -2/+5it's digglive.. he just sits on these threads trolling all day and all night.
- moonguidex, on 03/28/2008, -3/+1What are you talking about? Macs are perfect bug-free machines that can't be compromised!
- shaun1018, on 03/28/2008, -1/+2You both suck. GO LINUX!
- samuel514, on 03/28/2008, -32/+9congrats on the dude that did that, even if i'm an apple fan boy! :D
- estvir, on 03/28/2008, -8/+12You might want to see someone about that.
- DeFex, on 03/28/2008, -41/+7I wonder how long it will take someone to hack the windows "more full of holes than a wormy apple" machine.
- Scynet, on 03/28/2008, -5/+31Apparently a lot longer than a Mac. But I guess reading the actual results was too much for you?
- viclazlo, on 03/28/2008, -22/+9isn't this method kinda like slipping a hawtie a r00fie so u can have ur way with her?
actually in this case a featherweight hawtie with no tolerance for poisoned web pages?
- clak, on 03/28/2008, -20/+128Actually, Engadget and Yahoo reported this story wrong. The hack was not done over a live internet connection. It was done using a crossover cable. The hacker's MacBook was connected directly to the MacBook Air in question.
You can see the rules for the contest here: http://cansecwest.com/post/2008-03-20.21:33:00.Can ...
In case that link doesn't work, you can see the rules below:
Limit one laptop per contestant.
You can't use the same vulnerability to claim more than one box, if it is a cross-platform issue.
Thirty minute attack slots given to contestants at each box.
Attack slots will be scheduled at the contest start by the methods selected by the judges.
ATTACKS ARE DONE VIA CROSSOVER CABLE (attacker controls default route)
RF attacks are done offsite by special arrangement...
No physical access to the machines.
Major web browsers (IE, Safari, Konqueror, Firefox), widely used and deployed plugin frameworks (AIR, Silverlight), IM clients (MSN, Adium, Skype, Pidgin, AOL, Yahoo), Mail readers (Outlook, Mail.app, Thunderbird, kmail) are all in scope.
This is a picture of the hacker, Charlie Miller, connected to the MacBook Air in question:
http://dvlabs.tippingpoint.com/blog/2008/03/27/day ...
http://dvlabs.tippingpoint.com/blog/2008/03/27/ day-two-of-cansecwest-pwn-to-own---we-have-our-first-official-winner-with-picture
If the first link doesn't work, just connect the second one in your browser and remove the space.
- Scynet, on 03/28/2008, -3/+62And:
"Nobody was able to hack into the systems on the first day of the contest when contestants were only allowed to attack the computers over the network, but on Thursday the rules were relaxed so that attackers could direct contest organizers using the computers to do things like visit Web sites or open e-mail messages."
http://security.itworld.com/5013/mac-hacked-first- ...
- Angostura, on 03/28/2008, -15/+18I don't know why you are being dug down, this is a pretty important element to the story that is not immediately obvious from the summary. The hacker needed physical access.
- Tippis, on 03/28/2008, -7/+13No, the hacker didn't need physical access - as stated in the top post. The day 2 attacks were still remote, but required (minimal) social engineering to make the user do something.
- Rikm, on 03/28/2008, -3/+22No, the hack was done via a Javascript exploit which got to the machine after the user visited a web link sent in an email.
The fact that cable access was available is irrelevant, so was the email presumably. You could be pwned by this exploit by just surfing to a malicious webpage.
Feel free to do some research.
- r3zonance, on 03/28/2008, -15/+11And before anyone says it. By "Physical Access" we mean a DIRECT wired connection to the MacBook Air. This is a bit different from say connection over the internet as there are no routers etc. to go through which could potentially mess with the traffic.
- Tippis, on 03/28/2008, -2/+11The rules specifically state "no physical access", which is a rather different thing than *direct* access. Yes, you're right: a router or firewall could probably kill this exploit dead, but it still doesn't require *physical* access.
- deadmoo, on 03/28/2008, -0/+11You are dumb. It is a Safari exploit. The MacBook would only be secure from remote exploitation, if it never connected to the internet or any network. Tell me how a router is going to mess with the JavaScript?
- Tippis, on 03/28/2008, -4/+1It wouldn't mess with any kind of javascript, but it *would* mess with the port that Safari opened (in this case). If that port isn't forwarded by the router, it can be open all year long and the hacker at the other end won't be able to connect through it.
- Orion682, on 03/28/2008, -0/+3And if it used port 80, like many exploits do, a router would be worthless...
- Tippis, on 03/28/2008, -2/+1You usually can't telnet through port 80 (and reach anything useful), though...
- bradleyland, on 03/28/2008, -1/+9"...there are no routers etc. to go through which could potential mess with the traffic."
Who the ***** is digging you up? That's an absolutely asinine statement. A "router" doesn't "mess with traffic". A router has no knowledge of what is being sent. It routes datagrams to physical networks.
This exploit was extremely typical of your ordinary spyware/adware attack. A user visits a web page with malicious code, which downloads and installs some type of payload that is executed on the local machine. This is step one in a series of events that must occur for a machine to get infected.
- bradleyland, on 03/28/2008, -0/+5Along the same lines as my closing comment above, I think it is important to point out that this _is_ only the first step in the process of infecting a machine. Don't get me wrong, this is a remote execution exploit, which is absolutely terrible, but it must be tied to a privilege escalation exploit in order to create the kind of havoc you see with Windows exploits of the spyware/adware variety. I'm referring to nasty little ***** like Vundo/SmitFraud/etc. That is not to say you can't do serious damage without privilege escalation. How about deleting all your documents and profile information. Yuck. Hope you have a backup! But the damage is still limited when compared to an environment where the code executed has free rein of the entire system.
Without privilege escalation, this type of exploit can only operate within the confines of your user account's scope. Anyone who has used OS X (or any distro of Linux for that matter) has seen the password verification box that pops up when you try to do something admin-ish. In order to create a self-perpetuating nasty on the order of magnitude equal to the malware I mention above, you would have to go past the password prompt. This should put Mac users on notice. When you see the password prompt, think twice, then think about it again. Windows has a similar mechanism (UAC), but it is (unfortunately) used at every opportunity imaginable. Users are quickly conditioned to either turn it off or immediately click allow. They learn that "allow" is synonymous with "proceed", rather than "you are about to do something important". That's a shame.
Good security is like dressing for cold weather. It's all about layers. Your first line of defense is the browser you are using. Microsoft gets credit here with Vista and IE by introducing sandbox mode. That is a HUGE step forward in web security. Other vendors would be wise to implement similar modes of operation. Beyond the application, you must rely on the security features of your operating system. Beyond that, you must rely on the user. And on that point, good luck.
- Tippis, on 03/28/2008, -1/+3The problem a router could cause is if the "payload" uses a port that the router doesn't know where to map, or has been told not to map to anything.
- bradleyland, on 03/28/2008, -0/+1You must be referring to NAT, but it's still irrelevant. If the "payload" were able to be sent to a port without a user request, the attack would be complete by simply sending the payload. Since that is not the case, the user must have requested the data, which means it gets handled just like any other NAT'd TCP/IP request and comes/goes as normal, even if there were a router in place.
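The NAT behaviour argued over in the comments above, modelled as an added example that is not part of the thread: a reply to a connection the browser opened is translated and delivered with its content untouched, while unsolicited inbound packets are dropped. The addresses, ports and page body are constructed, and the router is assumed to filter by remote address and port.

```python
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Packet:
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int
    payload: str = ""


class NatRouter:
    """Minimal port-translating NAT: mappings exist only for LAN-initiated flows."""

    def __init__(self, public_ip: str, first_port: int = 40000):
        self.public_ip = public_ip
        self.next_port = first_port
        self.flows = {}     # (lan_ip, lan_port, remote_ip, remote_port) -> public port
        self.mappings = {}  # public port -> (lan_ip, lan_port, remote_ip, remote_port)

    def outbound(self, pkt: Packet) -> Packet:
        """LAN -> internet: create (or reuse) a mapping and rewrite the source."""
        flow = (pkt.src_ip, pkt.src_port, pkt.dst_ip, pkt.dst_port)
        if flow not in self.flows:
            self.flows[flow] = self.next_port
            self.mappings[self.next_port] = flow
            self.next_port += 1
        return Packet(self.public_ip, self.flows[flow],
                      pkt.dst_ip, pkt.dst_port, pkt.payload)

    def inbound(self, pkt: Packet) -> Optional[Packet]:
        """Internet -> LAN: forward only replies that match an existing mapping."""
        flow = self.mappings.get(pkt.dst_port)
        if pkt.dst_ip != self.public_ip or flow is None:
            return None  # nobody inside asked for this: dropped
        lan_ip, lan_port, remote_ip, remote_port = flow
        if (pkt.src_ip, pkt.src_port) != (remote_ip, remote_port):
            return None  # right port, wrong sender: dropped (assumed filtering mode)
        # The payload is copied as-is; NAT rewrites addresses, it does not inspect content.
        return Packet(pkt.src_ip, pkt.src_port, lan_ip, lan_port, pkt.payload)


def run_demo() -> dict:
    router = NatRouter("203.0.113.5")
    browser = ("192.168.1.10", 51000)    # constructed LAN client
    web = ("198.51.100.20", 80)          # constructed web server
    page = "<html>constructed page body</html>"

    # The user clicks a link: the browser opens the connection from inside.
    request = router.outbound(Packet(*browser, *web, "GET / HTTP/1.1"))
    # The server's reply comes back to the mapped public port.
    reply = router.inbound(Packet(*web, request.src_ip, request.src_port, page))
    # A host nobody contacted tries a port with no mapping.
    unsolicited = router.inbound(Packet("192.0.2.99", 4444, "203.0.113.5", 22, "hello"))
    # The same host tries the mapped port the browser is using.
    other_host = router.inbound(
        Packet("192.0.2.99", 80, request.src_ip, request.src_port, "hello"))

    return {
        "public_port": request.src_port,
        "reply_delivered_to": (reply.dst_ip, reply.dst_port),
        "reply_payload_unchanged": reply.payload == page,
        "unsolicited_dropped": unsolicited is None,
        "other_host_dropped": other_host is None,
    }


if __name__ == "__main__":
    for name, value in run_demo().items():
        print(f"{name}: {value}")
```
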
- insomniac8400, on 03/28/2008, -0/+3This does not require physical access. Just because a cross over cable was used, the attack still consisted of nothing more than a user surfing to a webpage. Easily can be done over the internet, but they used a cross over cable because the physical method of connecting to a webpage will have no effect on this kind of exploit. And it therefore didn't expose their machines to the outside internet, which would have been bad because you couldn't guarantee that someone else would find the boxes and try to mess with them. That could have invalidated all the results.
- kholburn, on 03/28/2008, -18/+2Except that a MacBook Air doesn't have ethernet.
- jeriqo, on 03/28/2008, -1/+9Yes it does, over USB.
- r3zonance, on 03/28/2008, -1/+6USB to Ethernet Adapter. Do a bit of research.
- Monk22, on 03/28/2008, -2/+2and how much did they charge you for your nice little adapter? gotta love how people are defending the fact they make you buy ***** apart from your computer just to use your computer. my computer can get on the internet without any adapters to buy imagine that.
- willi, on 03/28/2008, -1/+1Welcome to 2008, where WiFi is the norm!
- Monk22, on 03/31/2008, -0/+1where wifi is still not as fast as ethernet noob
- grumpyrain, on 03/28/2008, -1/+13As a technicality you are right, but the flaw that allowed the Air to be compromised is Safari visiting a malicious web-server. Being behind a router doesn't make a shred of difference. Granted that telnet would be out of the question behind a router, but historically we have seen Windows worms do damage from the same sort of social engineering techniques.
- triskele, on 03/28/2008, -7/+4FTA: "(presumably via a crossover cable connected to a nearby MacBook)"
Looks like Engadget got it right. I'll be burying you now.
- clak, on 03/28/2008, -1/+3I e-mailed Ryan Brock and they inserted the reference to crossover cable, but the original did not contain it.
- triskele, on 03/29/2008, -0/+1Fair enough.
- clak, on 03/28/2008, -3/+3Notice: Engadget corrected their original article after I sent them an e-mail about the crossover cable. Put "PWN 2 OWN Engadget" in Google and look at the cached page and you will see that the original article didn't have a reference to the crossover cable until I pointed it out. And for all you guys saying it doesn't make a difference. It DOES make a difference. If this hack was so easy to do, WHY didn't they just do it over a live internet connection? The parameters for the contest were flawed.
- cquinnd, on 03/28/2008, -0/+1No, they didn't do it over a live internet connection to establish the same parameters for each machine. Relying on speed and latency issues of some remote server in another node, state or country would not have given them an even playing field.
- grumpyrain, on 03/28/2008, -0/+1Flawed is too strong a word. It would have certainly been better if they had a session that required an attack behind a router before moving to the crossover attack.
- fungible, on 03/28/2008, -0/+1I'd be willing to bet this has to do with the two worst security problems on the Mac: 1)"Open safe files after downloading" is always checked by default, and 2)the firewall is never turned on by default.
Both of those things are easily fixed by the user, but I wish they were fixed by default.
- FutureGuy, on 03/28/2008, -0/+1not sure what your point is, are you trying to say that Vista and Linux are awesome because it stood for the whole day under the same conditions?
- clak, on 03/28/2008, -0/+1Well, you have a problem with your logic there. WebKit, which Safari is based on, is open source. So had this been a real exploit in the wild, a third party would have patched it before Apple would have even known about it. Internet Explorer, on the other hand, is patched whenever Microsoft gets around to it, so as a result the Windows has 140,000 known viruses in the wild. So good luck with the Windows security. Linux, on the other hand, shouldn't have a problem, assuming there isn't a security guy out there who wants to withhold vital data, just so he looks like a bad ass at a security conference.
Of course, the fame for exploiting OS X isn't quite as good as exploiting Linux and Windows.
- HerbSolo, on 03/29/2008, -0/+1Uh - what? - This was a "real" exploit, whatever you may mean with "in the wild". And it obviously wasn't patched yet.
And the number of Windows-Viruses doesn't have to do all that much with MS's patch-policy, but with MS's great idea to log in every user with Admin rights. - Now you don't really need a root-exploit, just someone to do a double-click, done.
- Scynet, on 03/28/2008, -3/+62And:
- wonderchemist, on 03/28/2008, -3/+17Probably make more money taking the MacBook Air than hacking into it with physical access.
- jdelator, on 03/28/2008, -19/+8I want to see the outcry here at the mac getting hacked and then go over to slashdot once linux gets hacked
- billlyboobs34, on 03/28/2008, -3/+13Many of us "break" into linux boxes on a daily basis. MOST linux admins suck serious ass. Think of it this way... it's easier and faster to get into a OSX or Linux box (with physical access) than it is getting into a windows box.
- drdepoy, on 03/28/2008, -0/+2I disagree, with a physical access a live cd takes the same amount of time to boot on a windows system or a linux system.
obviously that isn't a valid attack here,
- DestroyFascism, on 03/28/2008, -1/+4Got cd?
- Farmer77, on 03/28/2008, -21/+165So I guess the conclusion to this story is that people can hack Apple's OS, but only for money, otherwise, it's not worth hacking.
- banmaster, on 03/28/2008, -23/+56Security via obscurity, it's the only real protection the mac has ever had.
- jeriqo, on 03/28/2008, -20/+4Mac OS's kernel is open source, how is that obscure, you dumb *****.
- Tippis, on 03/28/2008, -2/+14Because *only* the kernel is open source – there's (far) more to an OS than that.
- GliTCH82, on 03/28/2008, -0/+5He meant the fact that not as many machines in the world run OS X as Windows, so people really don't care enough to develop viruses for Macs. So it's not even really secure, just "safe" because people don't give a ***** about hacking it.
- Bandit1000, on 03/28/2008, -2/+0Even so, it doesn't change the fact that there is much less threat to a Mac user. Chances are a Windows user will get many virus in his computer before a Mac user gets his first.
- GliTCH82, on 03/28/2008, -0/+1Right, but assuming that Mac was the more popular platform, Macs would be the ones with viruses and spyware out the ass and Windows machines would be the safe ones. So, this has nothing to do with Mac being more secure, and everything to do with Mac being less popular. Still feeling smug?
- pixeldust, on 03/28/2008, -7/+13Except OS 9 had viruses and had a smaller user base percentage. Now shut up
- BlueSkyfish, on 03/28/2008, -1/+1Obscurity and Unix
- cnldelta, on 03/28/2008, -7/+2Are you implying that mac book owners don't have anything valuable whatsoever in their HDDs?
- reaper527, on 03/28/2008, -0/+9he is implying their market share is barely a blip on the radar compared to a pc running windows.
- GliTCH82, on 03/28/2008, -1/+7Wow, it's incredible how many times this has been said over and over and I would bet a lot of people still don't get it.
- digitalarcanum, on 03/28/2008, -3/+4That's definitely a correct statement. If you think about it, while macs are 15% of the PC marketshare (macs ARE PCs), the fact of the matter is, researching windows and linux exploits, both of which are in wider use than OSX, would be a hell of a lot more crippling than a hack/virus/exploit for OSX. In the case of linux, a lot of businesses and web servers run some variation of it. In the case of windows, not only do home users run it, but a lot of businesses use it exclusively.
this, combined with the fact that OSX gets patched nearly as often as windows does, you are left to the conclusion that macs are really that much more secure, seeing as how the only security they have is obscurity and in essence the same executable, phishing site browsing idiots that were on windows are no smarter on a mac than they were on a windows PC.
- ligyron, on 03/28/2008, -1/+415%? Try no more than 5%: http://www.w3schools.com/browsers/browsers_os.asp
- eatrains, on 03/28/2008, -1/+1You do realize that those stats are counting only the W3Schools site and are not necessarily indicative of the Internet as a whole, don't you?
- erikerikerik, on 03/28/2008, -1/+1it sits at 6% now.
And the down side to apple patching is that they (apple) never tell anyone, esp IT, about the exploits and holes. they just kind of drop the bombs on people and say "oh btw, there's a massive gaping hole in our security, here download this patch" The amount of exploits known on the OSX are not known because apple doesn't release the numbers.
And who the heck is digging you down? all the info you put forth is correct.
- Fallooza, on 03/28/2008, -27/+11[QUOTE=D3v1L80Y;623442]Again, same as last year's fiasco of fallacies.... nothing was "hacked".
Quote:
Originally Posted by article
No one was able to execute code on any of the systems on Wednesday, the first day of the contest, when hacks were limited to over-the-network techniques on the operating systems themselves. But on the second day, the rules changed to allow attacks delivered by tricking someone to visit a maliciously crafted Web site, or open an e-mail.
That isn't hacking, that is social engineering. Take note, that no person was able to actually 'hack' into the Mac until the rules were changed. Just like last year. They couldn't touch the Mac until the rules were changed and severely improbable situations were allowed to take place.
This story is nothing more than sensationalism. Use buzzwords like "hack" and a new product release with as much pomp and fanfare as the MacBook Air... and, well... you get the picture. It's just fodder for fanboyz.[/QUOTE]
- billlyboobs34, on 03/28/2008, -5/+18If I turn my PC off and claim that no one can hack it remotely does that count too....
It's not sensationalism at all. In a real world setting Macs are as vulnerable as anything else.
- estvir, on 03/28/2008, -5/+14Oh yes, suddenly social engineering is /nothing/ yet when it's done on other platforms it's a big thing.
- Scynet, on 03/28/2008, -3/+18Bollocks, the same rules were applied to Vista and Ubuntu too, and they STILL couldn't get in after the second day.
- Rikm, on 03/28/2008, -2/+16So you never "visit web sites or open e-mails" on your system?
- TehProphet, on 03/28/2008, -12/+4I thought the macbook air didn't have an ethernet port.. how did he hack it via crossover cable?
- astrosmash, on 03/28/2008, -11/+4You thought wrong.
- jj101, on 03/28/2008, -0/+15No he didn't. It has no ethernet port. They must have used the usb to ethernet adapter.
- cyranthus, on 03/28/2008, -1/+6usb ethernet adapter
- buddamus, on 03/28/2008, -26/+21"But Macs are safe and secure" Like hell, they are just as vulnerable as everything else
- jj101, on 03/28/2008, -11/+2Balls. If you get in the same room as a target computer with your own laptop and you can't get in then you have issues. Either that or you don't deal with computers/networking for a living.
- r3zonance, on 03/28/2008, -15/+11Generally, if a "hacker" can get physical access (to plug in a crossover cable) to your machine you generally have bigger problems. Such as somebody could steal your hardware and hack it at their leisure.
I always think the attacks requiring some level of physical access to a machine are a moot point, especially as around 90+% of the time no physical access is afforded to the hackers. So it may as well not be a hack.
- dingleberry, on 03/28/2008, -1/+13Comprehension is key here. The cross over cable was used to simulate a network environment (aka. the interwebs). This attack DIDN'T require the HACKER to have physical access to the machine. The "user" of the Mac clicked on a URL and the machine was taken over.
- pjdscott, on 03/28/2008, -13/+5Interesting competition - except what's the point these days of hacking anything via cable? In practice, who does that? Disgruntled employees? Surely the real challenge is hacking over wireless networks?
- thatashguy, on 03/28/2008, -2/+11no! the real challenge is when it's not connected to any network.
- Parkinsons, on 03/28/2008, -0/+3Except most of our computers are connected by cable to the internets....
- SQLserver, on 03/28/2008, -5/+19People- Pwn 2 Own isn't over yet. The Title is misleading. There is a 3rd day, mainly between Ubuntu and Vista now.
I hope Ubuntu wins.
- ftx437, on 03/28/2008, -9/+4you hope?
IT WILL! lol
- Slovenian6474, on 03/28/2008, -1/+10I think it would be cooler if neither were.
- gyronic, on 03/28/2008, -9/+6That is if they can get Vista to boot....
- Ouze, on 03/28/2008, -0/+8i had hoped they would all win. Secure computing is in everyone's best interests. Even if your favored platform does well when the others don't, that just means more fodder for botnets that can be used against the secure ones.
- elTito, on 03/28/2008, -22/+38I use both MS and Mac stuff and I don't think I'm a fanboi of either, but...
It seems to me that this is an application problem, not an OS problem. I find it hard to believe that there are not multiple ways into all three of the OSs in question via similar techniques.
Additionally, I'd like to know if the hack was self executing (i.e. simply surfing to the site compromises Safari and OSX) or if someone actually had to download and install something, disregarding at least two warnings and an account password requirement. In other words, was it something that could happen to anyone by accident or only to a total retard?
- DiggLive, on 03/28/2008, -4/+25Total retard or not, that's how malware spreads to people across the internet. They'll install anything on their systems, and when Mac/Linux ever got as widely used, you'd see more malware and other social engineering written specifically for them.
- skoober, on 03/28/2008, -24/+2i find u annoying
time to block you
- insertAliasHere, on 03/28/2008, -2/+16Whether or not he is annoying, (and often he is very annoying) he is absolutely correct here. Most people have been conditioned to just click "Next." It has been less of a problem on linux and mac, because little malware is specifically written to target them. Why bother fishing for 10% when I can go for the other 90%? But as they gain popularity, they'll gain 2 other things as well: A larger group of ignorant, "dumb" users who click yes to everything, and greater attention from the spyware/malware/virus producers.
- MacParrot, on 03/28/2008, -6/+6@skoober: Yes, he is annoying.
BOT: Social engineered hacks rely on people's stupidity for the exploit to be installed. No system is secure against that. In this case however, there was a flaw that was exploited and Apple needs to look into this and fix the problem.
Details were pretty sparse other than it opened a port through a link when the computers were directly connected. Does anyone know if this would have worked without the direct cable connection?
- Tippis, on 03/28/2008, -0/+12The link made Safari open a port through which he could connect to the computer and take control.
http://www.channelregister.co.uk/2008/03/28/mac_ha ...
- wufoo, on 03/28/2008, -8/+5Fanboi lol.
- slickto, on 03/28/2008, -1/+12Wrong, this is clearly an OS problem. To allow Safari to hook into the OS in such a way as to gain root access is definitely an OS issue. Even Vista has addressed this problem with their "protected-mode" IE7, which sandboxes the browser, thus avoiding a simple pwn like this.
- elTito, on 03/28/2008, -3/+1Ok...so you're saying MS addressed this in Vista by sandboxing IE7, but again is that indicative of a more secure OS or a more secure web browser? What if IE7 weren't sandboxed, would this sort of exploit be usable? I don't know the answer, I'm just asking. The fact that IE7 is secure in and of itself doesn't say anything about Vista (unless there is more I don't know about Vista, which is certainly possible), just as the fact that Safari is exploitable doesn't say anything about OSX itself. They are both application level issues.
- Parkinsons, on 03/28/2008, -0/+7It does not matter if it was self executing or not. All three OS's were being attacked with the same rules.
- bluezombie, on 03/28/2008, -0/+7Application or OS issue is irrelevant since any OS exists to host applications on hardware. If the OS allows the application to perform a "dangerous" task then that is a potential exploit.
- elTito, on 03/28/2008, -0/+2Good point.
- Ouze, on 03/28/2008, -0/+5"Additionally, I'd like to know" - you'd know if you read the article. The user visited the site, did no further interaction, and was infected.
- elTito, on 03/28/2008, -1/+3I'm not sure how you deduced that given the non-disclosure agreement and complete lack of detail given in the article as to how it was accomplished.
- FutureGuy, on 03/28/2008, -0/+4Not true, even if you hack into IE on Vista because Vista runs IE in protected mode, which is a feature of the OS, you will not be able to take control of the PC, which is what happened to this Mac.
- DJNephilim, on 03/28/2008, -20/+18It's important to remember that the contest rules stated that only **currently unpublished/unreported exploits** could be used to hack into the computers...That's like letting microsoft start at the 50m line in a 100m dash. That rule makes no sense. Well, it does make the contest fair, but the results say nothing about which is truly the most secure system.
- jeriqo, on 03/28/2008, -14/+3This rule is totally stupid.
- davidcg, on 03/28/2008, -0/+16It wouldn't be a contest at all if you were allowed to use published/reported exploits. The goal of it all is to find new exploits so they can report them and have them fixed. But that is the key, is IF they get fixed.
- r3zonance, on 03/28/2008, -10/+7Nearly all Windows exploits are published and reported, so they couldn't be used in the competition.
However in the real world the total Windows exploits in existence are all fair game and are exponentially higher in number than any other OS.
- digitalarcanum, on 03/28/2008, -3/+4because OSX doesn't have a ***** ton of unreported exploits on their operating systems that they fail to tell their users about and quickly patch them and forget about them.. except, oh wait, they did exactly that a little while ago where they patched a ***** ton of OSX tiger exploits without even letting the userbase know that the exploits existed to begin with. (i.e. "undocumented exploits")
MS doesn't take strides to make sure that their exploits are covered up. as soon as security exploits are brought to their attention, they give you ways to work AROUND the problem until the exploit can be fixed.
- DJNephilim, on 03/28/2008, -1/+3"MS doesn't take strides to make sure that their exploits are covered up"
And you know this because......?
- decet, on 03/28/2008, -8/+13OK, this might appear as a bit of a blow to smug Mac-security consciousness. BUT...
The vulnerability in question is very likely within the WebCore and WebKit frameworks, one of which (WebKit) is open source, and will be fixed very quickly once the developers are aware of it. I estimate a maximum 10 days for the flaw to get corrected. In the meantime, users have a variety of other browsers to choose from which do not use Apple's frameworks.
- zongamin, on 03/28/2008, -13/+5Except this exploit still requires the user to deliberately click a link to open a port. Nothing to worry about.
- handsoffme, on 03/28/2008, -0/+6cause you never click on any links that you don't 100% trust?
- honorablesauce, on 03/28/2008, -1/+1If I havent manually opened the port on my router, it isn't going to click over anyways.
- slickto, on 03/28/2008, -4/+4No ***** way Apple patches anything in 10 days.
- ZigVicious, on 03/28/2008, -1/+1that's the point, read the comment.
Apple don't have to patch it, it's open source.
- mrynit, on 03/28/2008, -3/+13I don't understand what he did that was special to the mac book air? Doesn't it run the same OS as all the other apple computers?
- Tippis, on 03/28/2008, -0/+9There's nothing special about it being a MBA – they're just the latest Mac.
- taintedzodiac, on 03/28/2008, -0/+11You're correct, but the marketing behind the MBA makes this story more sensational by specifying it.
- BryanJK, on 03/28/2008, -0/+5yes, they all run the same OS
- supermanred, on 03/29/2008, -0/+1No, mine runs OS X, Windows Vista and Ubuntu.
:)
- Ouze, on 03/28/2008, -2/+4The Macbook Air is like the Meg Ryan of computing, that's why. It's so perky and just wonderful it steals everyone's heart. Haven't you seen the commercials? Fantastic marketing. Mac users truly are a differently-thinking audience, so maybe you didn't "get it". How about when Steve took it out of a manila envelope? Brilliant. Simply brilliant. I'd eat his poo. Steve Jobs has brilliant poo.
Anyway, while all of the macs are special snowflakes running OSX, the MBA is the special-ist of all.
/snicker
- themonkman, on 03/28/2008, -16/+28What the article on Engadget failed to mention was what browser was used to connect to the malicious website. What was that browser, and what security vulnerability was exploited? The reason I ask is because any piece of software can act as a vector path for malicious code to be run on a system. I'm sure many of you security savvy people heard of the exploit with Adobe Reader 8.1 and below that would allow an attacker full control of a Windows machine if they navigated to a website with a maliciously crafted PDF or opened an email with a PDF that was crafted in this way. Software that is external from the core of the OS still needs to be secure, although I know it's next to impossible to ensure that every single app you run is 100% compliant to your security model. As a systems and network admin, it's a very difficult thing to manage.
As far as Macs being secure or insecure, it's really a dumb argument. An OS is only as secure as the intelligence of the people trying to hack it. I think we learned that lesson with all of the various incarnations of the Windows OSes.
There is a way around everything, and the only thing keeping your computer safe from hackers is the difficulty it takes to get around those barriers. I've been fairly pleased with the security model and customization you can do with securing Unix OS'es, which is one reason I do tend to lean in favor of Linux and Macs as being inherently more secure (if you know what you're doing), but a computer is only as secure as the know-how of the user who operates it. Most home users who have Windows and have never patched their systems or have antivirus can be hacked in just as little time as any other system, too. Out of the box most systems are fairly insecure.
I would go to say that as far as Macs are concerned, I'm not as worried that a Mac would fare the same fate out of the box as a Windows machine, which is why I bought my mother one. I'd much rather her be running Linux since most mainstream distro's pump out security patches much more frequently, but I'm not going to spend several hours on the phone with my mom just so she can get her iPod working with Banshee or Amarok media players.
- davidcg, on 03/28/2008, -2/+16The default web browser for the air book is safari. (All systems used default factory OS software, nothing extra installed)
- RetlawST, on 03/28/2008, -0/+5You are incorrect. Common web browsers (IE, Safari, Firefox, another I forget) and IM clients were allowed in the competition.
- cquinnd, on 03/28/2008, -1/+1No, third party software is not allowed until the third day of the competition.
- themonkman, on 03/28/2008, -0/+1I've never been a huge fan of Safari. I tend to opt towards Open Source browsers that receive more public security scrutiny.
- Tippis, on 03/28/2008, -1/+4Better description here: http://www.channelregister.co.uk/2008/03/28/mac_ha ...
- HerbSolo, on 03/28/2008, -2/+19exploiting a browser flaw: the browser's fault.
gaining root access through an exploited browser: the operating system's fault.
- grumpyrain, on 03/28/2008, -0/+4Given that IE7 on Vista runs with pretty much no access to anything, it makes it much harder to successfully exploit than if it were running with user access rights. A web browser or email client should be an untrusted application with limited scope for making any system wide changes by design. That is one of the reasons why ActiveX controls in the browser were such a bad idea.
- krautpastry, on 03/28/2008, -1/+0From reading the articles, we don't know that it was root access, only that a terminal session was opened. Still, not a good sign for Safari and OS X. Did Apple hire an IE 6 developer?
- grumpyrain, on 03/28/2008, -0/+2If it didn't require root access, then it is an even more serious flaw. Only root should be allowed to open inbound ports.
- rebotfc, on 03/28/2008, -21/+5Inaccurate, whilst undoubtedly this is a flaw that needs fixing, it was done over a crossover cable.
I.e. the attacker needed physical access to the machine.
- decromin, on 03/28/2008, -3/+9How is it any different than a machine connected to the internet without a firewall?
- skoober, on 03/28/2008, -12/+3finish your cereal, then hurry the fuk up to school kid
- skingers, on 03/28/2008, -3/+6Actually there's a big difference. The rules of the contest allowed the hacker to control the default route and be physically connected to the Mac, thereby giving him complete ability to impersonate any network service he wished. As far as the Mac Book is concerned every single network based service it needed was able to be impersonated by that one machine. This is not a set of circumstances that can be achieved unless you have control of the default route and the physical connectivity to use it.
Does this mean the hack is meaningless? Not necessarily. Unfortunately we don't have real detail about the "exploit" to know.
Does it mean that it's the same as just "being on the Internet"? No. Definitely not.
- Tippis, on 03/28/2008, -2/+8No he doesn't – he just needs a direct link. NAT and firewalls can probably kill the exploit, but physical access isn't needed.
- skingers, on 03/28/2008, -5/+1What is a direct link if it is not physical access? Furthermore having a connected crossover cable is not the same as a "direct link" (by which I assume you mean a connection to the same broadcast domain) either. For all we know the exploit could be related to ethernet auto negotiation, something that only occurs between physically connected machines.
My point was having control of the default gateway and being on the same LAN as your attacker (let alone physically connected to the ethernet port!) is not the same as "being on the Internet".
I'm not saying that having the vulnerability is something to be proud of but I'm just saying that the test is not very representative of the real world.
- Tippis, on 03/28/2008, -0/+7A direct link in this case is a fully routed (no NAT, all ports available) connection. The hack worked by making Safari open a port through which he could connect to the Mac.
Physical access means being able to walk up to the machine and tap away at it or plug things into it. None of that was needed.
- lolinyerface, on 03/28/2008, -1/+5Accessed code on his website via safari.
- unitedatheism, on 03/28/2008, -0/+2did you read the article?
in other words, if it was not fair, why did they give him the big prize?
- cmpastore, on 03/28/2008, -22/+4As usual the hacker needs physical access to the machine. If I had that even I could hack it... :) These contests are always misleading when they become news. I'll still take a Mac any day. Go away Mac haters. You are just mad cause we're better than Windows. Always so easy to jump on the hate wagon!
- camix, on 03/28/2008, -1/+7It's amazing how ignorant the average MAC user is. NO physical access is needed for this hack. Maybe you should understand the hack first before you comment. If you're on the internet and not behind a firewall then you're just as vulnerable as the system the hack was performed on.
- 4d669, on 03/28/2008, -6/+9This is just like the Large Hadron Collider, nobody understands it but everyone has an opinion.
I have no idea what the purpose of the MacBook Air was. He was hacking Leopard, not the computer itself, it makes no difference where the OS is installed. Also, anyone could have done what he did, hacking Leopard is a joke. Hacking Vista should take about a minute more to hack.
- northernmunky, on 03/28/2008, -6/+15I say congrats to him.... even though I am a Mac user it certainly doesn't mean I'm switching any time soon. But lets be fair if it only took 2 minutes I'd say he was already well aware of how to conduct the attack in advance.
- skingers, on 03/28/2008, -5/+1There is some luck here too related to timing.
On any given day there may be more useful vulnerabilities to exploit for any given platform depending on where we are in their patching cycle at that time.
There is also the issue of how well this particular hacker knows his intended target system in comparison to the others who turned up to the contest.
This does not make a general statement about the everyday security of any of the platforms. It makes a specific statement about how hackable (via a crossover cable and owned default route, by thi