Register FAQ / Rules Forum Spy Search Today's Posts Mark Forums Read
Go Back   MacRumors Forums > News and Article Discussion > Mac Blog Discussion

Reply
 
Thread Tools Search this Thread Display Modes
Old Mar 14, 2014, 07:52 AM   #1
MacRumors
macrumors bot
 
Join Date: Apr 2001
Chinese Security Team Exploits Safari Security Flaw at PWN2OWN




Every year for the past seven years, hackers have gathered at the annual PWN2OWN event to hack high-profile software and mobile devices using previously unknown vulnerabilities. Apple's Safari browser and iOS platform are often included in the annual contest, which also targets Internet Explorer, Chrome, Firefox, and Adobe's Flash and Reader applications. This year, Safari was taken down on day two by a team of vulnerability researchers and exploit developers from China, reports ThreatPost.

China's Keen team exploited two vulnerabilities that allowed the team to execute arbitrary code using a Safari WebKit flaw and circumvent Apple's sandbox via an OS X system-level vulnerability. Speaking about the vulnerabilities they found, the Keen team stated that Apple's OS X is difficult to exploit and the operating system overall is very secure.
Quote:
"For Apple, the OS is regarded as very safe and has a very good security architecture," Keen team member Liang Chen said. "Even if you have a vulnerability, it's very difficult to exploit. Today we demonstrated that with some advanced technology, the system is still able to be pwned. But in general, the security in OS X is higher than other operating systems."
Apple representatives attended the contest and were made aware of the security exploits used in the contest. This isn't the first time Safari has been exploited during the contest. In 2011, a team of French security researchers compromised a MacBook by remotely running code within five seconds of contacting the machine.

Article Link: Chinese Security Team Exploits Safari Security Flaw at PWN2OWN
MacRumors is offline   1 Reply With Quote
Old Mar 14, 2014, 08:09 AM   #2
nt5672
macrumors member
 
Join Date: Jun 2007
Public awareness of security flaws is the best way to ensure the security of our devices. Thank you Chinese security team.
nt5672 is offline   18 Reply With Quote
Old Mar 14, 2014, 08:10 AM   #3
BasicGreatGuy
macrumors 65816
 
BasicGreatGuy's Avatar
 
Join Date: Sep 2012
Location: Atlanta, Ga.
I wonder if the hacker praise is real or just polite words. Hopefully, we will see a Safari update soon.
__________________
The Bill of Rights is not a Bill of Loopholes.
BasicGreatGuy is offline   3 Reply With Quote
Old Mar 14, 2014, 08:18 AM   #4
Crosscreek
macrumors 6502a
 
Crosscreek's Avatar
 
Join Date: Nov 2013
Location: Margarittaville
I'm sure the NSA has ways.
Crosscreek is offline   3 Reply With Quote
Old Mar 14, 2014, 08:20 AM   #5
thaifood
macrumors 6502
 
Join Date: Jun 2011
Quote:
Originally Posted by BasicGreatGuy View Post
I wonder if the hacker praise is real or just polite words. Hopefully, we will see a Safari update soon.
I'm sure there is professional praise. Plus it's essentially free debug testing for the companies participating.
thaifood is offline   7 Reply With Quote
Old Mar 14, 2014, 08:24 AM   #6
Cuban Missles
macrumors 6502a
 
Cuban Missles's Avatar
 
Join Date: Dec 2012
Location: East Coast, USA
The article also said the team felt that Safari was more secure than other platforms. I am no expert but it does look like at least one is simple to fix and if I understood correctly you would have to use both to really get control. So if they fix either it would solve the problem.

Having said all that, if this is the most secure, the others have some really big problems.
__________________
I have a collection of Apple stickers from all my Apple product purchases - they are white (the stickers not the products)
Cuban Missles is offline   4 Reply With Quote
Old Mar 14, 2014, 09:22 AM   #7
BigBeast
macrumors 6502
 
Join Date: Mar 2009
Quote:
Originally Posted by Cuban Missles View Post
[...]if I understood correctly you would have to use both to really get control.
I would guess that if the second vulnerability circumvents sandboxing, that it should be the first fix. Webkit vulnerabilities are almost inevitable; that's why sandboxing exists. If sandboxing doesn't catch the threat or is bypassed, that's a greater weakness.
__________________
2012 cMBP 2.6GHz Core i7 16gb 512 SSD iPhone 5S iPad Air
BigBeast is offline   5 Reply With Quote
Old Mar 14, 2014, 10:51 AM   #8
JerryCards
Banned
 
Join Date: Nov 2011
Location: Richmond, VA
 
Send a message via Skype™ to JerryCards
The most secure OS maybe FreeBSD or Linux. MAC OS X evolved from FreeBSD or Unix. OS X contains indecent number of vulnerabilities, but, still can be considered relatively safe.
JerryCards is offline   0 Reply With Quote
Old Mar 14, 2014, 11:24 AM   #9
Silencio
macrumors 68000
 
Silencio's Avatar
 
Join Date: Jul 2002
Location: NYC
Quote:
Originally Posted by JerryCards View Post
The most secure OS maybe FreeBSD or Linux. MAC OS X evolved from FreeBSD or Unix. OS X contains indecent number of vulnerabilities, but, still can be considered relatively safe.
I think you mean OpenBSD, which has a greater focus on security. Mac OS X is based on FreeBSD.
__________________
"The times they are a changin', and some traditional PC folks feel like their world is slipping away. It is."
Silencio is offline   2 Reply With Quote
Old Mar 14, 2014, 12:03 PM   #10
leman
macrumors 68040
 
Join Date: Oct 2008
Quote:
Originally Posted by JerryCards View Post
The most secure OS maybe FreeBSD or Linux.
Which one of thousand existing Linux distributives are you talking about? Linux is not an OS, its a kernel - and this is the reason why Linux is not even considered at PWN2OWN. The kernel is usually quite secure, its the software stack on its top that has vulnerabilities.
leman is offline   9 Reply With Quote
Old Mar 14, 2014, 03:49 PM   #11
iamkarlp
macrumors member
 
Join Date: Oct 2008
Quote:
Originally Posted by leman View Post
Which one of thousand existing Linux distributives are you talking about? Linux is not an OS, its a kernel - and this is the reason why Linux is not even considered at PWN2OWN. The kernel is usually quite secure, its the software stack on its top that has vulnerabilities.
Indeed. And with the average GUI linux install being anywhere between 3~10 GB on disk, with the kernel only making up ~100MB of that, there is a lot of software stack to go around.

Karl P
iamkarlp is offline   3 Reply With Quote
Old Mar 14, 2014, 04:34 PM   #12
mrxak
macrumors 65816
 
Join Date: Apr 2004
Location: Drifting through space in a broken escape pod
Obviously it's better to see these exploits happen at PWN2OWN than have them suddenly spring up in the wild. Apple and other companies attend events like this in order to quickly fix any problems that are demonstrated.
__________________
Phones Will Kill You
mrxak is offline   1 Reply With Quote
Old Mar 14, 2014, 05:02 PM   #13
laurihoefs
macrumors 6502a
 
laurihoefs's Avatar
 
Join Date: Mar 2013
Location: Korpi
Quote:
Originally Posted by nt5672 View Post
Public awareness of security flaws is the best way to ensure the security of our devices. Thank you Chinese security team.
Yes it is, indeed.

We do not know if the security team in question are the first ones to discover this vulnerability, so someone might have already attempted to exploit it, and even succeeded. Now that information about the flaw is out in the open all affected parties are aware of the issue, and can start working to get it fixed. No-one has to rely on security-by-obscurity.

Sincerely: Thank you team Keen.

Last edited by laurihoefs; Mar 17, 2014 at 06:20 PM. Reason: Added team name
laurihoefs is offline   1 Reply With Quote
Old Mar 14, 2014, 06:47 PM   #14
VanillaCracker
macrumors 65816
 
Join Date: Apr 2013
Location: Washington D.C.
Quote:
Originally Posted by MacRumors View Post
In 2011, a team of French security researchers compromised a MacBook by remotely running code within five seconds of contacting the machine.
Yeahhhh
VanillaCracker is offline   0 Reply With Quote
Old Mar 15, 2014, 12:16 AM   #15
JerryCards
Banned
 
Join Date: Nov 2011
Location: Richmond, VA
 
Send a message via Skype™ to JerryCards
Most major distributions of linux should be pretty secure. Like Ubuntu, Linux mint (based on Ubuntu) , Fedora. openSUSE. Yes, wrong configuration of any OS will make it vulnerable to attack.

Quote:
Originally Posted by leman View Post
Which one of thousand existing Linux distributives are you talking about? Linux is not an OS, its a kernel - and this is the reason why Linux is not even considered at PWN2OWN. The kernel is usually quite secure, its the software stack on its top that has vulnerabilities.
JerryCards is offline   0 Reply With Quote
Old Mar 15, 2014, 12:53 AM   #16
leman
macrumors 68040
 
Join Date: Oct 2008
Quote:
Originally Posted by JerryCards View Post
Most major distributions of linux should be pretty secure. Like Ubuntu, Linux mint (based on Ubuntu) , Fedora. openSUSE. Yes, wrong configuration of any OS will make it vulnerable to attack.
What do you base this on? There have been three exploits of Firefox presented at this PWN2OWN - why do you think Firefox would be more secure under Linux than under Windows?
leman is offline   2 Reply With Quote
Old Mar 15, 2014, 04:30 AM   #17
Truffy
macrumors 6502a
 
Truffy's Avatar
 
Join Date: May 2005
Location: somewhere outside your window...
Quote:
Originally Posted by Cuban Missles View Post
The article also said the team felt that Safari was more secure than other platforms. I am no expert but it does look like at least one is simple to fix and if I understood correctly you would have to use both to really get control. So if they fix either it would solve the problem.

Having said all that, if this is the most secure, the others have some really big problems.
Strictly speaking, they only said that OS X was relatively secure, in the OP at least they didn't make any mention of Safari's security status.
Quote:
Originally Posted by nt5672 View Post
Thank you Chinese security team.
Quote:
Originally Posted by laurihoefs View Post
Sincerely: Thank you Chinese security team.
Oh come on, let's give proper recognition. The team name (Keen) is given in the OP.
__________________
Too much stuff
Not enough stuff
Truffy is offline   1 Reply With Quote
Old Mar 15, 2014, 12:37 PM   #18
Solomani
macrumors 68000
 
Solomani's Avatar
 
Join Date: Sep 2012
Quote:
Originally Posted by MacRumors View Post
Apple representatives attended the contest and were made aware of the security exploits used in the contest.
This is the best point regarding this news. The fact that Apple sent reps to the conference, they were standing by ready to learn of any uncovered security flaws on Apple's own browser. Hopefully it leads to Apple to plugging those holes in a timely manner.

Good.
Solomani is offline   0 Reply With Quote
Old Mar 15, 2014, 01:19 PM   #19
steve333
macrumors regular
 
Join Date: Dec 2008
I'm getting tired of Safari and it's problems with certain websites and incompatibility.
Why doesn't Apple switch to a more compatible platform already?
steve333 is offline   0 Reply With Quote
Old Mar 15, 2014, 03:16 PM   #20
macproredux
Banned
 
Join Date: Mar 2014
Quote:
Originally Posted by leman View Post
What do you base this on? There have been three exploits of Firefox presented at this PWN2OWN - why do you think Firefox would be more secure under Linux than under Windows?
Because user-land is separate from core, programs are in /usr/bin and important stuff in /etc. because you breach user-land you don't breach the core of the system. This is thing that is not true about OS X there are ways to block user-land too but..

Linux's fragmentation will make it inherently more secure.
macproredux is offline   0 Reply With Quote
Old Mar 15, 2014, 03:45 PM   #21
leman
macrumors 68040
 
Join Date: Oct 2008
Quote:
Originally Posted by macproredux View Post
Because user-land is separate from core, programs are in /usr/bin and important stuff in /etc. because you breach user-land you don't breach the core of the system. This is thing that is not true about OS X there are ways to block user-land too but..

Linux's fragmentation will make it inherently more secure.
What difference does the filesystem layout make in this case? If you are able to get control of a browser, you gain permissions of the user which has launched the browser. This is often enough to wreck havoc on the system, like reading/deleting user files etc. Starting with Vista, the permission system of Windows works quite similar to those of OS X or, say, Ubuntu.

BTW, the filesystem organisation is one reason why I tend to stay away from Linux. Its really difficult to manage software it it puts itself all over the file tree. OS X with its bundle system is the best solution I have seen so far.
leman is offline   1 Reply With Quote
Old Mar 15, 2014, 03:53 PM   #22
macproredux
Banned
 
Join Date: Mar 2014
Quote:
Originally Posted by leman View Post
What difference does the filesystem layout make in this case? If you are able to get control of a browser, you gain permissions of the user which has launched the browser. This is often enough to wreck havoc on the system, like reading/deleting user files etc. Starting with Vista, the permission system of Windows works quite similar to those of OS X or, say, Ubuntu.

BTW, the filesystem organisation is one reason why I tend to stay away from Linux. Its really difficult to manage software it it puts itself all over the file tree. OS X with its bundle system is the best solution I have seen so far.
It doesn't put everything all over the file tree it puts data on two places just like OS X and none of it is in root like OS X. If you exploit a user you exploited that user not the system, systems like Ubuntu don't even create a root user that could exploit the whole system.
macproredux is offline   0 Reply With Quote
Old Mar 15, 2014, 05:21 PM   #23
leman
macrumors 68040
 
Join Date: Oct 2008
Quote:
Originally Posted by macproredux View Post
It doesn't put everything all over the file tree it puts data on two places just like OS X and none of it is in root like OS X. If you exploit a user you exploited that user not the system, systems like Ubuntu don't even create a root user that could exploit the whole system.
OS X applications are usually a bundle, which is one single folder. Under Unix, the application files are usually scattered somewhere within \usr\local or wherever. I have no idea what you mean by 'in root', it doesn't make any sense to me. And - every Linux has a root user. Under Ubuntu, just like under OS X or Windows, the user with admin rights can temporally get root privileges by using user elevation.
leman is offline   1 Reply With Quote
Old Mar 15, 2014, 08:49 PM   #24
Sterkur
macrumors newbie
 
Join Date: Apr 2011
Quote:
Originally Posted by Crosscreek View Post
I'm sure the NSA has ways.
Looks like China's Keen team found NSA's back door
Sterkur is offline   0 Reply With Quote
Old Mar 16, 2014, 08:00 AM   #25
msandersen
macrumors regular
 
Join Date: Jan 2003
Location: Sydney, Australia
Send a message via AIM to msandersen
Quote:
Originally Posted by Sterkur View Post
Looks like China's Keen team found NSA's back door
No, that was the GoToFail bug; now they've discovered an even more severe bug in GnuTLS which is used in hundreds of Linux systems and applications, making them all as vulnerable to SSL attacks as OSX was.
Hmm, very suspicious...

http://arstechnica.com/security/2014...eavesdropping/
__________________
People who are willing to give up freedom for the sake of short term
security, deserve neither freedom nor security.
-Benjamin Franklin
msandersen is offline   0 Reply With Quote

Reply
MacRumors Forums > News and Article Discussion > Mac Blog Discussion

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Similar Threads
thread Thread Starter Forum Replies Last Post
10.9.1 security flaw ? anonymous4a OS X Mavericks (10.9) 7 May 20, 2014 07:26 AM
Major security flaw! gurbinav iOS 7 14 Sep 20, 2013 10:41 AM
Control Centre security flaw sully54 iOS 7 4 Jun 11, 2013 12:42 AM
Security Flaw in OS X? Watabou OS X 10.8 Mountain Lion 16 Oct 2, 2012 07:35 AM
Siri security flaw? R0b iPhone 10 Sep 23, 2012 01:09 PM

Forum Jump

All times are GMT -5. The time now is 08:13 AM.

Mac Rumors | Mac | iPhone | iPhone Game Reviews | iPhone Apps

Mobile Version | Fixed | Fluid | Fluid HD
Copyright 2002-2013, MacRumors.com, LLC