MacBook Air hacked in security contest

Discussion in 'MacBytes.com News Discussion' started by MacBytes, Mar 28, 2008.

  1. macrumors bot

    Joined:
    Jul 5, 2003
    #1
  2. macrumors 6502

    skiesforme

    Joined:
    Feb 4, 2008
    #2
    I have this belief that as Macs become more popular and gain decent market share, we "could" start seeing viruses/trojans/malware. Right now, to be frank we(Mac owners) are somewhat a minority and one's who are not that valuable/of interest to hackers.
    But nevertheless, I feel so much better away from all kinds of Antivirus and Antispam and Antispywares on Windows.... phew.. what a relief...
     
  3. macrumors G3

    clevin

    Joined:
    Aug 6, 2006
  4. macrumors 601

    Krafty

    Joined:
    Dec 31, 2007
    Location:
    La La Land
  5. macrumors newbie

    Joined:
    Mar 27, 2008
  6. macrumors 68030

    iMpathetic

    Joined:
    Oct 7, 2007
    Location:
    IMBY
    #6
    Camino>Firefox>Safari (all versions)
     
  7. macrumors P6

    Peace

    Joined:
    Apr 1, 2005
    Location:
    Space--The ONLY Frontier
  8. macrumors 68030

    iMpathetic

    Joined:
    Oct 7, 2007
    Location:
    IMBY
    #8
    Finally, something we can all agree on. :D

    Why is it important that the air got hacked? Does it matter which Mac at all?
     
  9. macrumors 68000

    SPUY767

    Joined:
    Jun 22, 2003
    Location:
    GA
    #9
    To add a bit of perspective, my friend, who attended the conference, said that all the interest centered around the Air, and that not that many people were even interested in the other two machines. The question is, is this a bug in how WebKit handles an image or tag of some sort, or is it a bonafide bug in Safari? People have been going around in circles saying that if it were a bug in WebKit, that webkit based browsers running under Linux would be vulnerable to the same exploit, which is true, but they have also been claiming that since the exact exploit that got the Air wouldn't run on a linux machine running a webkit browser then it couldn't be a webkit problem, which is false. A linux machine would attempt the same execution of whatever code was present, but the Mac code isn't going to execute on the linux machine. Now, the web sites "covering" this have been running rather libelous headlines to make it seem as though the mac crumbled in the face of a hack attempt, but let us keep in mind that the author of this software likely invested hundreds of hours in finding it and then sat on it waiting for the conference. My friend who attended did the same thing, but his exploit did not work.

    Oh, and Opera>All
     
  10. macrumors 68030

    Benjamindaines

    Joined:
    Mar 24, 2005
    Location:
    A religiously oppressed state
    #10
    Nope, just trying to water ski on the "Air" boat... just like everyone else.
     
  11. macrumors G3

    clevin

    Joined:
    Aug 6, 2006
    #11

    ubuntu is using gnome, no webkit browser in it by default. im 99.99 percentage sure its firefox 2.x running on it.
     
  12. macrumors regular

    Joined:
    Feb 13, 2006
    #12
    I wouldn't mix people looking over hacker shoulder to people ganging up on a particular machine.

    Remember, the name of the game is to be the FIRST to hack a machine and win 10,000 bucks and a hacker would probably want to choose a machine he knows he CAN hack rather a machine that would give him problems.
     
  13. macrumors 68020

    jayducharme

    Joined:
    Jun 22, 2006
    Location:
    The thick of it
    #13
    I wonder if the Windows machine was eventually hacked.

    I found it interesting that on day one, no one was able to hack into anything. So the rules were changed to make it easier.
     
  14. macrumors G3

    clevin

    Joined:
    Aug 6, 2006
    #14
    it was by design, the reward is $20,000; $10,000; $5,000 for day 1,2,3 as well.

    here you can follow the development, vista and ubuntu are still standing as of now.
    http://dvlabs.tippingpoint.com/blog/2008/03/28/pwn-to-own-final-day-and-wrap-up
     
  15. macrumors 68020

    winmacguy

    Joined:
    Nov 8, 2003
    Location:
    New Zealand
    #15
    According to the article Vista won:eek:
    "7:30pm PST Update - Vista Laptop was Won!: Congratulations to the team of Shane Macaulay and Derek Callaway (both from Security Objectives) and Alexander Sotirov! - they have just won the Fujitsu U810 laptop running Vista Ultimate SP1 after it was installed with the latest version of Adobe Flash. Not only are they the official winner of the laptop, but also $5,000 from us. The new Adobe Flash 0day vulnerability that they exploited has been acquired by the Zero Day Initiative, and has been responsibly disclosed to Adobe who is now working on the issue. Until Adobe releases a patch for this issue, neither we nor the three contestants will be giving out any additional information about the vulnerability. You will be able to track the vulnerability on the Zero Day Initiative upcoming advisories page. "
     
  16. macrumors regular

    kamm

    Joined:
    Feb 26, 2008
    #16
    Opera 9.5 or Firefox 3 latest betas > Camino >>> Safari

    BTW latest Opera is the first to pass Acid3...
     
  17. macrumors regular

    kamm

    Joined:
    Feb 26, 2008
    #17
    I'm pretty sure that every major distro runs Firefox or some Mozilla variations by default - never seen anyone using webkit so far (sans Apple.)
     
  18. macrumors 603

    gauchogolfer

    Joined:
    Jan 28, 2005
    Location:
    American Riviera
    #18
    Umm, according to that article Vista didn't win, the laptop with Vista running was hacked, and thus won by the hacker.
     
  19. macrumors regular

    kamm

    Joined:
    Feb 26, 2008
    #19
    Ummm you didn't understood the contest. Vista - its hacker - win because it took the longest time to hack. (Ergo OS X lost as it was broken first.)
     
  20. macrumors 68020

    winmacguy

    Joined:
    Nov 8, 2003
    Location:
    New Zealand
    #20
    My guess is Vista only took longer because the guy who hacked OS X focused his efforts solely on OS X - had he done the same thing to Vista he would have achieved the same result.
     
  21. macrumors 6502a

    Belly-laughs

    Joined:
    Jun 8, 2003
    Location:
    location location
    #21
    The caution remains the same; don't visit sites from e- mails coming from unknown senders, promising larger, better and more.
     
  22. macrumors 604

    chrono1081

    Joined:
    Jan 26, 2008
    Location:
    Isla Nublar
    #22
    well from everytyhing I read he really didnt do it in 2 min, it took him 2 - 3 weeks, then he made a script that was run from a page of his that did the exploit.
     
  23. macrumors 68000

    dsnort

    Joined:
    Jan 28, 2006
    Location:
    In persona non grata
    #23
    The Mac got hacked.

    Two years in a row.

    No excuses, just deal with it.

    Now Apple can fix the issue, and maybe try to make the OS as secure as they've always said it was.
     
  24. macrumors G3

    clevin

    Joined:
    Aug 6, 2006
    #24
    real time is hard to count. after all, leopard has been out for 6 months, and vista has been out for 14 monthes, Ubuntu has been out for 6 months as well.
     
  25. macrumors 68040

    Neil321

    Joined:
    Nov 6, 2007
    Location:
    Britain, Avatar Created By Bartelby
    #25
    I know the guys who hacked the air had to sign some stuff about security,but what if they said ah f**k it and did
    pass whatever they did on,would we all be in the sh*t then ?
     

Share This Page