What is Digg?Sponsored by wix.com
The Ultimate Flash Website Design Tool view!
wix.com - Design a stunning website in 10 easy steps.
571 Comments
- ForMyCause, on 03/29/2008, -117/+429Ubuntu > Vista > Mac
Do not deny it. - LilBambi, on 03/29/2008, -16/+169Congrats Ubuntu!
- daftman, on 03/29/2008, -29/+131Well to be fair, none of the OS was compromised DIRECTLY. It was the third party software, (pre-install or default) that has vulnerability. Lesson learn from this? Install default system and sit there and bask in its glory. j/k
Just use free open source software as their exploits are patched up really quickly.
However, I wonder what happen if the Ubuntu Laptop was to run Safari and non-beta Flash from Adobe. Will the system security prevent mis-behaving software from compromising the system?
Another important thing that this competition did was to turn the smugness level of Mac user down just a little. But brace yourself, digg users, for there will be apologists that make Creationists look scientific. - richaoj, on 03/29/2008, -10/+100Safari is not "third party software." It is made by apple and is part of the operating system. The webkit rendering engine that is part of safari is also used to render other things in the os. I thought we learned from windows 98 that integrating the web browser into the os was a stupid idea, but i guess someone didn't get the memo.
- Gordraf, on 03/29/2008, -12/+95Yes, and therefore McDonalds is statistically the best restaurant in the world.
- venuspcs, on 03/29/2008, -25/+104A few notes: 1.) OSX wasn't hacked directly but rather through a vulnerability allowing remote code to be executed by a devious website when visited with the Safari web browser. 2.) Vista wasn't hacked directly but rather through a vulnerability allowing remote code to be executed by a devious website when visited using Internet Explorer and while running the newest version of Adobe Flash Player...
Therefore all three operating systems are pretty ***** secure out of the box as the only way they could be compromised was remotely using deviant website coding....with that said the vulnerability in the Mac was out of the box as the build of Safari compromised was built in to the OS. Where as Vista required third party software to be installed to be compromised.
NO I AM NOT A VISTA OR MICROSOFT FANBOY....JUST STATING FACT - daftman, on 03/29/2008, -7/+70Yes the result of this test DEFINITELY shows that!!!
- oobuntu, on 03/29/2008, -4/+66They should do contests like this more often. It has been interesting to follow
- smotpoker, on 03/29/2008, -6/+64Actually distribution *can* (not saying it does here) make a difference, as distributions are who determine what packages/libs to install, how they are implemented and how fast they are patched. For instance an older version of Ubuntu or if it had been running Kubuntu might have lead to some older software versions being used or some such.
- inactive, on 03/29/2008, -24/+81The laptops fell in order of desirability.
The MacBook Air went quickly. The Fujitsu Vista laptop went eventually. The Ubuntu laptop has trouble connecting to wi-fi. - oblique63, on 03/29/2008, -4/+59Oh, don't worry about him, he's just still in the first stage of MacBook Air ownership: Denial...
soon he will reach acceptance... after getting pissed, trying to sell it on ebay, and becoming depressed.... - z0mbie2099, on 03/29/2008, -30/+81GNU/Linux Pwns Vista & OSX.
- Remmy, on 03/29/2008, -25/+70While they used Ubuntu as the distribution, giving Ubuntu the credit for this isn't right. The distribution wouldn't have made a difference.
- oobuntu, on 03/29/2008, -2/+45Tell that to an EEE user who had to install Ubuntu because the default Xandros distro produced by Asus didn't have iptables support in the kernel, plus the slowness in updating the repos with security fixes. Distro has a lot do to with it. If you're running an old kernel, samba, or java because of outdated repos then you can get hacked.
- TeacherOfHeroes, on 03/29/2008, -6/+47Actually, I'm really impressed that Ubuntu managed to survive day two. I thought it would fail before Vista simply because of the amazing number of pre-installed applications that Ubuntu ships with.
Ubuntu on day two was already half-way to the kind of configuration that I suspect Vista would have been in on day three; pre-installed office apps, image editor (ms paint doesn't count), bit torrent client, etc... - Akufen, on 03/29/2008, -5/+44yes and:
car > plane
(driving) - daftman, on 03/29/2008, -1/+39> What I don't understand is why more people did not hack Ubuntu...I mean maybe the security is a little better but come on it is not running SELinux.
They did TRY to hack Ubuntu. Each team has a go at all laptops, not just one. It doesn't need to run SELinux to be secure for Joe Six Pack.
> Both the Mac and Windows exploits are worth some cash (more then the offered prizes) and that probably keeps some people away but Ubuntu exploits are still "worthless".
You can rationalize whatever you want but for these guys, hacking the system is much more important than earning the money. If money is the main motivation, they would sell the exploit underground instead of responsibly disclose to the vendor.
> Anyway lets not get too arrogant. :)
Why not? To the victor go the spoils. For now at least. - mcmlxxii, on 03/29/2008, -1/+34"3) It is obvious that the people didn't challenge the Ubuntu enough that comes with a large collection of dubious third party software"
If you were offered $20,000 to hack into one of these three boxes, and you were up against others, and Ubuntu is free and the easiest OS to get hold of beforehand, and it has ALL ITS SOURCE CODE AVAILABLE FOR YOU TO INSPECT - then if you thought you could get that $20,000 through a vuln, you're telling me you'd sit there trying to hack one of the other two boxes? WHY? - lamiaconfitor, on 03/29/2008, -6/+38cost more does not equal worth more.
- Philluminati, on 03/29/2008, -2/+34"giving Ubuntu the credit for this isn't right"
Ubuntu deserve alot of credit for getting things right and for making the securest of three laptops (although one contest with a few people != scientific fact). But as well as Ubuntu you also have to thank the Kernel team, the Xorg team, the gnome team etc... it only takes one weakness in one of the default applications to damage the reputation of all of the teams and distros. Anyway congratulations to all the contributors to the project.
It is perhaps yet another shed of light that open source software is inherently more secure than closed source. More eyes to find the breaches and yet another reason free software should their own flash player rather than use a closed source Adobe one! - InsaneMachine, on 03/29/2008, -0/+30Did you miss the fact the first day (no laptop was hacked) they got to keep the laptop and $20,000. The second day (Macbook Air hacked) They got to keep the laptop and $10,000. 3rd day ( vista hacked) winner got the laptop and $5,000.
Do you think that they just all tried to hack the Mac first because it was worth more? Cause the 10 grand in cash and selling whatever laptop they won on ebay and then buying their laptop of choice just could never happen.
Face it, most Operating Systems are relatively secure out of the box, you have to count on the user to do something stupid, which was how the mac lost. The Judges got tricked into clicking a link that exploited a Safari vulnerability. - Kral, on 03/29/2008, -2/+30In this case, Flash < Gnash
- john2kx, on 03/29/2008, -70/+97Sorry, but * > Vista.
- FutureGuy, on 03/29/2008, -5/+31What it did show is Windows is not what it used to be, hacking one is not a piece of cake by any measure. The fact that they had to install Flash to being down the OS is big Kudos for MS.
- bluegene, on 03/29/2008, -15/+41I hope Apple will shut the ***** up now at least regarding security
- carrtoonist, on 03/29/2008, -7/+33How is number 3 obvious?
- Koush, on 03/29/2008, -15/+40Aw, i was actually routing for the underdog. (Vista)
- mrsteveman1, on 03/29/2008, -4/+29XP is more secure than Vista? That will be news to all the botnets around the world.
- daftman, on 03/29/2008, -6/+31Hang on there. What exactly are you trying to say here?
Apple MacBook Air was the FIRST the be compromised using Apple's Safari code. So it IS their own software.
Ubuntu don't write much software except for upstart and other system utilities.
It wasn't Microsoft Vista flaw per se because the system wasn't comprised simply by running windows. It was compromised using Adobe Flash.
I know you hate Microsoft and I do too but I must given them credit for going this far. - theaceoffire, on 03/29/2008, -8/+33WoW runs faster in Wine than it does in windows.
- tehbored, on 03/29/2008, -8/+32Oh right because OS X is far superior to Ubuntu and Vista in looks... oh wait. Well at least it's better in customizability... nope, that neither (actually I've never really used Vista for an extended period, but I know for a fact Ubuntu trumps OS X in customizablity).
- zcreem, on 03/29/2008, -9/+33Shouldn't the OS protect itself from rogue programs like this.
Especially as Flash is a pretty much must have app. - mstrebe, on 03/29/2008, -1/+22Let's see... Nope, just as smug.
- caranthir, on 03/29/2008, -49/+701) Apple's own software was compromised,
2) Vista got "beaten" because of a flaw in non-Microsoft code.
3) It is obvious that the people didn't challenge the Ubuntu enough that comes with a large collection of dubious third party software.
The hypocrisy of the digg members never fails to amaze me. - TeacherOfHeroes, on 03/29/2008, -1/+22Hell, you could probably take out the GUI and just run bash on top of darwin with enough tinkering. What they mean by OS in this case is that it comes as part of the OS package.
- theaceoffire, on 03/29/2008, -0/+21Damn it, read the damn article.
No one went easy on Ubuntu. If Ubuntu was easy to hack, it would have been so that they could win the 10,000 on day 2 (And get a free computer). - BryanJK, on 03/29/2008, -2/+21windows me?
- mcmlxxii, on 03/29/2008, -3/+22You need to look at the competition rules again.
- daftman, on 03/29/2008, -1/+19The distro DO make the difference because they are testing on DEFAULT install and settings.
I'm pretty sure default install of OpenSUSE will be different from Fedora and Ubuntu. Other things such as no open ports at default install and no root account at default install are also important. - barius, on 03/29/2008, -1/+19Flash for Win has a different code base from Flash for Lin. It would be like comparing apples to oranges.
- daftman, on 03/29/2008, -0/+18That was the rule. PWN 2 OWN remember?
The MacBook Air laptop that was pwned was also given as the prize. - Wrathernaut, on 03/29/2008, -0/+18The fact is that most people use flash and visit websites. It's great that we've got OSs that don't get pwned just plugged into a network and left on anymore, but making a system that can stay safe even when Joe User thinks that clicking a "gr0W 6 inches in 1 day!" link is a good idea even just once, accidently.
- chillypacman, on 03/29/2008, -25/+43the *****?
let me get this straight, they installed third party software on Vista to crack it and they use that to claim Ubuntu is superior to Vista? Naaaaw, why didn't they just go ahead and install a keylogger in there while they were at it? - daftman, on 03/29/2008, -4/+21You should read about the competition.
It was a three-day contest. The first day was just about the OS. None was hacked
The second day was about default 3rd-party app. Mac was hacked via Safari
The third day was additional non-default but popular app. Vista was hacked.
Microsoft DO have faults in this situation as well as Apple because they allow a third party software to gain root access to the system. If you look at Solaris, each software run in each in sandbox and cannot be used to exploit the system through normal user permission. - theaceoffire, on 03/29/2008, -2/+18I wouldn't mind a free comp.
- jaxter2010, on 06/17/2009, -1/+17yea there was a whole article on digg yesterday about mac falling. you must have missed it.
- 4d669, on 03/29/2008, -1/+16Time Vista has been out > Time Leopard has been out. Therefore more time to write/create exploits.
2 minutes to access Leopard, access through 1st party software. Hours to access Vista with no results, had to access through 3rd party software.
I think it's pretty clear now. - djjuice, on 03/29/2008, -5/+20so in this, we have learned that safari sucks and flash beta sucks, i wonder how both adobe and apple feel about this.
i'm not apple fanboy or windows fanboy but i'm glad to see both were secure in premise. Then again none were hacked over a network which also is good news. I'm only not sure if they were given access to the computer? If so then isnt all security out the door anyways? - Keithamus, on 03/29/2008, -1/+16I personally think that Mac OSX is butt ugly, but I love ClearLooks and have it on ubuntu and windows xp.
Beauty is in the eye of the beholder, your point is moot. - dmason, on 03/29/2008, -3/+17If you call being less than a percentage point behind OS X "dead last", then yes: http://www.w3schools.com/browsers/browsers_os.asp
I know it's hard to quantify usage statistics, but this was a contest about security. Usage statistics can and should he irrelevant to security. Security through obscurity is a myth.
If anything, this competition opened some Mac users' eyes to see that they're not immune. Last month's kernel bug should be a reminder to Linux users that they're not immune. Windows users are typically reminded the second Tuesday of each month. -
Show 51 - 100 of 575 discussions
© Digg Inc. 2009
— Content created and posted by Digg users is