That's correct. It was done on site, at the event in 5 seconds. However, it took weeks to find the exploit AND actually write a custom piece of code to execute.

You also have to realize that the event was hosted by MS, Google, and another. So there's some bias there...

Last year OS X + Safari were also the first to fail.

And Google would pay any hacker $20.000 if they can hack Chrome on the first day, all hackers couldn't do it. ;) What bias are you talking about?
 
Perhaps it took five seconds to implement, but your thread title makes it seem like it was the first time these hackers saw a MBA and Safari.

I'm sure there were dozens or hundreds of hours worth of research and coding in order for these guys to get to the point of being able to implement their hack.


I remain unconcerned.

6 weeks of preparation was put into hacking Internet Explorer 8, while only 2 weeks of preparation was done for Safari (ok, the Safari hackers had 3 people working on it).

Last year Safari was also first to fail, so this is good enough reason for me to dump Safari and say hello to Chrome :cool:
 
This thread better explains the problems and implications of PWN2OWN.

The WebKit bug used in Safari 5.0.3 is still present in Safari 5.0.4.

It should be noted that the vulnerability that may be exploited to get user level access on the iPhone 4 (running iOS 4.2.x) at pwn2own was not patched in iOS 4.3, but the researchers' exploit has been tested on iOS 4.3 and does not work. iOS 4.3 introduces new security mitigations, such as some ASLR, to iOS that increase the difficulty of exploitation.
 
It gets worse, according to Ars Technica the version of Safari was "frozen" from a week ago, so it didn't even include the patches that came out a day before the pwn2own event.

The cognitive dissonance here is ASTOUNDING. The very article you link contradicts exactly what you said a few lines later:

Under the new rules, pwning (and hence owning) only needs to succeed on the frozen version. However, to receive prize money (in addition to the hardware), the flaw must also exist in the newest release.

In VUPEN's case, the team will be winning both the hardware and the money. In spite of Apple's last-minute patch, their attack still works.

The vulnerability they exploited could be used to RIGHT NOW ON A FULLY PATCHED HOST.

As someone who works in security, I'm torn: I'm disappointed that people are still so fantastically oblivious and stupid when it comes to security. But on the flip side, I get paid to protect you from yourself.
 
There are some clear signs that Apple *are* starting to take security seriously. It'll just take them a long time to ramp up to a point where that's visible.

I suspect they have been serious about security for a while, but they are so secretive that they aren't talking publicly about any concerns or what they are doing about them.
 
It's hard to blame Apple or the tech industry too much. In what other industry do the manufacturers of a product have to defend against people actively trying to break the product? Manufacturers of microwaves don't have to worry that someone is going to purposefully try to break it. Car manufacturers sometimes add anti-theft features, but they aren't blamed if a car is broken into.

Security is necessary, but it's already amazing how advanced computers are, so I guess I give the imperfections a break.
 
I hope this thread doesn't turn into a 'good for Apple that they know the exploit now and can patch'. Because when this stuff happens to Google and Microsoft, most people here laugh it up and gloat how Apple is awesome.

Lol x2. I like Apple products too, but too many Apple fans are too busy ... to ever criticize them. Criticism is good, people!
 
This thread is long on crappy analogies and short on facts.

1. OS X with Safari 5.0.3 was hacked in 8 seconds by an exploit that took a multi-person team 2 weeks to prepare.

2. Windows 7 with IE8 was hacked by a one-man team whose exploit took several minutes.

3. Safari has been patched before the contest was over and the exploit no longer works.

4. Microsoft is releasing IE9 on Monday (not sure if it fixes the exploits).

So, Google sponsors a hacking event, and they release a huge update to their browser, and then "freeze" the versions, so hackers have to attack old versions of competitors' browsers, but a brand new version of their browser. Pretty transparent.

These events should not be fodder for petty flame wars.

As mentioned the guy in (2) worked several weeks on his exploit as well ..

Safari was patched .. but the exploit still works according to ArsTechnica

Chrome was set up under different conditions .. I agree they don't seem quite fair .. but then the prize money was higher.

T.
 
This thread better explains the problems and implications of PWN2OWN.

The WebKit bug used in Safari 5.0.3 is still present in Safari 5.0.4.

It should be noted that the vulnerability that may be exploited to get user level access on the iPhone 4 (running iOS 4.2.x) at pwn2own was not patched in iOS 4.3, but the researchers' exploit has been tested on iOS 4.3 and does not work. iOS 4.3 introduces new security mitigations, such as some ASLR, to iOS that increase the difficulty of exploitation.

Thank you for reiterating this. They wouldn't have won the prizes if this had already been fixed.
 
I suspect they have been serious about security for a while, but they are so secretive that they aren't talking publicly about any concerns or what they are doing about them.

You put your money where your mouth is. When Microsoft is paying out millions to have their stuff tested, Apple is granting people the glory of being able to alpha-test their next OS for free. I love Apple, but they think that since their customers pay to be beta testers, the same will be true for professionals.

The work these white hats do is incredibly difficult. Expecting them to do it out of moral obligation is like stopping a doctor mid-exam with another patient and asking him to treat your rash for free.
 
A detail that most of these 'the sky is falling' articles fail to mention. Apple has already patched the hole. Even before the event occurred.

Instead they are getting hits off the FUD.

But last year Safari was also the first to fail. So I think it is highly unlikely that Safari has no holes anymore.

Chrome seems much safer.
 
Perhaps it took five seconds to implement, but it's not like it was the first time these hackers saw a MBA and Safari.

I'm sure there were dozens or hundreds of hours worth of research and coding in order for these guys to get to the point of being able to implement their hack.


I remain unconcerned.

This:

In an interview with ZDNet, Bekrar said the vulnerability exists in WebKit, the open-source browser rendering engine. A three-man team of researchers spent about two weeks to find the vulnerability (using fuzzers) and writing a reliable exploit.
 
It's hard to blame Apple or the tech industry too much. In what other industry do the manufacturers of a product have to defend against people actively trying to break the product? Manufacturers of microwaves don't have to worry that someone is going to purposefully try to break it. Car manufacturers sometimes add anti-theft features, but they aren't blamed if a car is broken into.

Security is necessary, but it's already amazing how advanced computers are, so I guess I give the imperfections a break.

View security as safety from external forces. Attacks have almost become a force of nature unto themselves now.
 
Doesn't surprise me. Apple's track-record of fixing security issues typically lags when they're more worried about iOS/iStuff hardware releases. Sorry $teve... DOA FAIL on a MAGICAL PONY.
Maybe? Safari was getting hacked in these same contests before there was an iOS.
2007
 
It's hard to blame Apple or the tech industry too much. In what other industry do the manufacturers of a product have to defend against people actively trying to break the product? Manufacturers of microwaves don't have to worry that someone is going to purposefully try to break it. Car manufacturers sometimes add anti-theft features, but they aren't blamed if a car is broken into.

Security is necessary, but it's already amazing how advanced computers are, so I guess I give the imperfections a break.

aehm .. yes.
The anti-theft measures in modern high-end cars are very substantial and go way beyond a mere key, which was perfectly sufficient to protect your car 40 years ago.
The problem with your computer is that you store your life on that machine. You bank through your computer, you go shopping with your credit card with your computer and you do correspondence using your computer. Any security breach potentially has a higher impact than getting your car stolen.

You shouldn't take security that lightly ..
T.
 

If it took a team of 100 attackers 6 months working in 18 hour shifts to remotely compromise your machine, would you still remain unconcerned?

People focusing on the resource allocations of these attacks are totally missing the point. 6 days or 6 months, the point is click and owned. That's bad for anyone and everyone.
 

6 weeks was put into Internet Explorer. You think the other hackers put no effort into hacking the others?

Google even promised to pay $20.000 to any hacker that can hack Chrome on the first day.
 
Chrome survived day one. Luckily, Safari will soon be based on WebKit2 (http://trac.webkit.org/wiki/WebKit2) with a similar sandbox to Chrome.

Right now Safari only sandboxes plugins. The rendering (WebKit; Safari was exploited today via WebKit) and scripting engines are not sandboxed in the current Safari.

Chrome sandboxes all these components, and so will Safari once based on WebKit2.

IE's sandbox (protected mode) was bypassed today during pwn2own. IE sandboxes the UI frame from the tab process but does not sandbox plugins, the rendering engine, and the scripting engine from the tab process, so each process runs as a complete browser process.

All OSes have vulnerabilities in client software that parses a lot of data types, such as web browsers, office suites, etc.

But, OS X has a very low incidence rate of privilege escalation to the system level which is required to install malicious software in security sensitive areas of an OS. No examples of privilege escalation in OS X being used in malware in the wild unlike Windows 7 (see Stuxnet).

In relation to privilege escalation in Windows 7, there is an unpatched win32k.sys vulnerability related to the priv esc used in Stuxnet that has been public for 216 days. Also, there is a public remote root vulnerability (with proof of concept exploit) that affects Windows 7 that is public and unpatched for over three weeks.

So much for the Safari hacked first headlines. See image below:
 
[Attachment: Screen shot 2011-03-09 at 6.22.39 PM.png]
If every other browser was hacked before Safari, does that make Safari safer? Am I just missing something, or is everyone here totally missing the point?

The browsers are not hacked all at once but one at a time, with Safari being the first on the schedule. This is true in past pwn2own contests (including last year) as well.
 