
Dr McKay

macrumors 68040
Aug 11, 2010
3,430
57
Kirkland
Probably doesn't help when OS X is the first to be tested... :D

Doesn't matter that it was the first to be tested.

Windows 7 fell after slightly longer, OS X in 5 seconds.

Last year's Pwn2Own, Windows 7 couldn't be cracked on the first day when the criterion was 'only through the internet'.

OS X fell in about 8 seconds.


Žalgiris said:
Which is media coverage and sitting on a security hole for months in order to get money instead of reporting it. Pathetic if you ask me.

You have no idea what these exploits are worth. Companies like Microsoft and Apple pay tens of thousands of dollars for exploits, sometimes hundreds of thousands if it's serious.

Some people make a handsome living selling exploits to these companies.

un.titled

macrumors regular
Jan 2, 2011
156
0
Ah, another "have to go to a certain website and click around" vulnerability. This isn't a security flaw, this is stupidity of the end user. You can wipe out your HDD if you want to.
 

millerb7

macrumors 6502a
Jun 9, 2010
870
153
That's false, a guy said he would try it.



These guys prepare in advance. The guy was a no-show. Could it be he couldn't come up with a hack in time and thus decided not to go waste his time at the competition? Yeah, definitely a win for Chrome.

+1

Chrome > Safari.

Like he said, the guy was signed up to attempt it, but ended up being a no show.
 

adbe

macrumors 6502a
Jul 11, 2008
669
334
Ah, another "have to go to a certain website and click around" vulnerability. This isn't a security flaw, this is stupidity of the end user. You can wipe out your HDD if you want to.

Please educate yourself. Denial is not a good place to inhabit if you care about your banking details.
 

Phil A.

Moderator emeritus
Apr 2, 2006
5,799
3,094
Shropshire, UK
Žalgiris said:
Which is media coverage and sitting on a security hole for months in order to get money instead of reporting it. Pathetic if you ask me.

IMO, what should happen is Apple (and Microsoft) should offer a $100K bounty for every security hole found in their products. That would ensure timely reporting of problems and give people a real incentive to find every last exploit. Of course, companies won't do that because none of them really take security that seriously, and all the rhetoric about how they care is just that.
 

Andronicus

macrumors 6502a
Apr 1, 2008
819
817
really. I see posts like this more as blind fanboys putting their heads in the sand and screaming NOT HAPPENING.

How many years in a row is this that OSX is the first to fall?
I will say I am glad Apple is starting to wise up and reach out to devs and groups like this for Lion. It seems Apple has finally figured out that its "security by obscurity" is going to start failing soon, and they are taking what time they have left to really clean things up.
The reason "security by obscurity" is going to start failing is that Apple is becoming more popular and gaining market share, and it knows iOS is going to start being targeted in larger numbers, which could have a direct effect on OSX being targeted.

I've not seen any posts like the head in the sand analogy you made.

OSX will most likely fail first every year because they test OSX first every year...
 

Speedy2

macrumors 65816
Nov 19, 2008
1,163
254
It's about time Apple realizes that security is an issue that can't be neglected any longer. iOS may be an improvement, but OS X, Safari, iTunes, QuickTime and other Apple products were developed with security as a mere afterthought, with the result that they are easy targets. Exploit protection, randomizing of address space, sandboxes? Apple apparently never heard of them, or implemented them very poorly.
Add to that the fact that Apple is a sloth when it comes to responding to threats in a timely manner. It's a joke really. They advertise their platform as being virus-free, but the reason why that is correct is, ironically, that nobody bought Apple software until recently.

The only thing that still saves Apple is that the target is still rather small. It may be easier to write an exploit for Apple software, but it's still much more profitable to attack Windows. The time might come rather soon when this no longer holds, and I sincerely hope that until then Apple will have implemented the same high standards that are now in place at Microsoft and Google. So that they can sell software which is actually safe(r) and not just the empty promise.

Snow Leopard did nothing about security, we'll have to see if that changes with Lion.

To those who say that it took 1-2 weeks to write that exploit and see that as some kind of apology: what exactly is your point? That it still takes some expertise to do it? Well, that can be said about any programming near the OS kernel. Anyone who can write a full-blown device driver will be able to write an exploit after a basic introduction. It's not rocket science. There are books about it. There is a huge number of people with the qualification who are either unemployed or living in a country with low income. For them 1-2 weeks is nothing, and writing exploits presents itself to them as a good way to make a lot of money.
 

diamond.g

macrumors G4
Mar 20, 2007
11,112
2,444
OBX
It's another reason not to have admin rights on your normal login (although I'm not sure how many people actually follow that basic advice).
It would be nice if OSs did this automatically versus relying on the users to do this after the fact...

IMO, what should happen is Apple (and Microsoft) should offer a $100K bounty for every security hole found in their products. That would ensure timely reporting of problems and give people a real incentive to find every last hole. Of course, companies won't do that because none of them really take security that seriously, and all the rhetoric about how they care is just that.
I thought MS does offer money for security holes (and maybe fixes). Is that not true? I am pretty sure Google does...
 

derbothaus

macrumors 601
Jul 17, 2010
4,093
30
The guy that won was geared up for a few months hoping Apple wouldn't patch it prior to his execution. It was all ready for him when he arrived. It is unfortunate that Apple does not take Safari exploits as seriously as it should, given browsers are the usual weak point in an OS' security.
 

SwissMac2

macrumors member
Jan 18, 2010
65
2
Switzerland
Faulty contest

Apple fixed this bug before the contest but Pwn2Own ran an unpatched, unfixed version of Safari with a known bug. Big deal. Why not install Windows 95 on the Dell, and Red Hat 2 on the HP to make the contest really up to date?
 

Žalgiris

macrumors 6502a
Aug 3, 2010
934
0
Lithuania
Your analogy is stupid. Either you have no concept of how skilled these guys are, or you're too blinkered to think straight.

Really? You find a hole - you report it. What's stupid about that? These holes aren't so easy to find that you can hack a browser on the fly, so preparations must be made. That means this is intentional: find a bug and sit on it for months for fame and money. To me it's pathetic. It doesn't help to secure software at all, it just makes someone's Twitter account more popular.
 

Dr McKay

macrumors 68040
Aug 11, 2010
3,430
57
Kirkland
Perhaps it took five seconds to implement, but it's not like it was the first time these hackers saw an MBA and Safari.

I'm sure there were dozens or hundreds of hours worth of research and coding in order for these guys to get to the point of being able to implement their hack.


I remain unconcerned.

So because it took 2 weeks to discover the hole and find an exploit for it?

If your Mac ever gets hijacked in an instant because you were linked to a certain website, you can take solace in the fact that the exploit took a few weeks to write.
 

Phil A.

Moderator emeritus
Apr 2, 2006
5,799
3,094
Shropshire, UK
I thought MS does offer money for security holes (and maybe fixes). Is that not true? I am pretty sure Google does...

I think they might offer some bounty (or at least used to), but I'm suggesting a very large amount of cash: if they offered $100K (or even $1M) per exploit, it would cost them tens of millions in the first year but would vastly reduce the number of holes over time, as people would have a real incentive to find them and companies would have a real incentive not to release software with huge gaping holes in it.

What always annoys me about these things is that if a few (admittedly talented) hackers can find these holes with nothing more than a fuzzer, then why can't huge companies with vast resources use the same techniques to find the holes before they release it into the wild? The only logical reason is that they don't really care about security exploits as much as they care about getting shiny new features out into the wild.