Become a MacRumors Supporter for $25/year with no ads, private forums, and more!

MacRumors

macrumors bot
Original poster
Apr 12, 2001
54,473
16,511


Each year, the Zero Day Initiative hosts a "Pwn2Own" hacking contest where security researchers can earn money for finding serious vulnerabilities in major platforms like Windows and macOS.


This 2021 Pwn2Own virtual event kicked off earlier this week and featured 23 separate hacking attempts across 10 different products including web browsers, virtualization, servers, and more. A three-day affair that spans multiple hours a day, this year's Pwn2Own event was livestreamed on YouTube.

Apple products were not heavily targeted in Pwn2Own 2021, but on day one, Jack Dates from RET2 Systems executed a Safari to kernel zero-day exploit and earned himself $100,000. He used an integer overflow in Safari and an OOB write to get kernel-level code execution, as demoed in the tweet below.


Other hacking attempts during the Pwn2Own event targeted Microsoft Exchange, Parallels, Windows 10, Microsoft Teams, Ubuntu, Oracle VirtualBox, Zoom, Google Chrome, and Microsoft Edge.

A serious Zoom flaw was demonstrated by Dutch researchers Daan Keuper and Thijs Alkemade, for example. The duo exploited a trio of flaws to get total control of a target PC using the Zoom app with no user interaction.


Pwn2Own participants received more than $1.2 million in rewards for the bugs they discovered. Pwn2Own gives vendors like Apple 90 days to produce a fix for the vulnerabilities that are uncovered, so we can expect the bug to be addressed in an update in the not too distant future.

Article Link: Security Researcher Earns $100,000 for Safari Exploit in Pwn2Own Hacking Contest
 

BWhaler

macrumors 68040
Jan 8, 2003
3,360
4,773
I always worry given Zoom’s ties to China and the slip-shot way they went for growth above all, if some of these “flaws” are actually backdoors.

As convienent and pervasive as Zoom is, no way I would trust it if I was a CTO or enterprise security officer.
 

Baritone_Guy

macrumors member
Feb 12, 2021
36
44
They got through Parallels a few times. I saw the whole list on another site. They pretty much owned everything over the first 2 days of the event.

Wonder what day 3 will bring. Still almost $600k is prize money to be won.

The bugs get 90 days to be fixed by the vendors.
 

Sasparilla

macrumors 68000
Jul 6, 2012
1,683
2,829
Always good to see this - as it means these holes that were open to being exploited by bad guys are now going to be closed.

Sounds like more is to come, perhaps iOS.

With regards to Zoom. Their main developers are located in China. An American company using developers located in China, presumably for the super cheap costs (lower than from India). The company itself (its CEO) has a history of lying about encryption and other things previously. It was caught routing Zoom calls in the U.S. through China (this was about a year ago before things really took off for them). But like Facebook, everyone uses them so you're kinda stuck.

https://techcrunch.com/2020/04/03/zoom-calls-routed-china/
 
Last edited:

Aoligei

macrumors 6502
Jul 16, 2020
411
414
I too live in Canada.

I also understand that BWhaler referred to CTO (Chief Technology Officer) and enterprise security officer so he's talking about business concerns. Trade secrets, financial secrets - things the Chinese government clearly has interests in.

If you are CTO or anyone who has access to classified information, your smartphone is probably very restricted.

And if you are CTO and you can’t make sure your devices are secure, you should be fired.

Also it is not like United States, European companies or government aren’t interested with trade secrets, financial secret. Every country has its own spy network who specializes stealing secrets. Aren’t you are being racist when you single out Chinese government?
 

c5z

macrumors member
Feb 7, 2021
51
33
What’s to stop employee A from putting in a flaw, telling hacker 1 the issue, and splitting the reward?
 
  • Haha
Reactions: bousozoku

Aoligei

macrumors 6502
Jul 16, 2020
411
414
Potentially, all sorts of things, and it's not just China. Just as an example, let's say you're an engineer and work for the government (military or civilian), or are an engineer for an aerospace contractor (Lockheed, just as an example) working on projects for the defense of the US or Canada, or, that gather information on adversaries of the United States. There are many more possibilities.

First of all, if you work for these type of companies, you are not suppose to install unauthorized apps on devices contains sensitive information.

Second of all, you are not suppose to store sensitive information on your personal information.

And you should understand the scope of your work responsibilities, what can be say and what cannot be said. And your company should also make sure their devices are encrypted and secure.

So what to afraid of?
 

macinfojunkie

macrumors 6502
Jun 4, 2005
322
138
What’s to stop employee A from putting in a flaw, telling hacker 1 the issue, and splitting the reward?

in short not much, other than professional integrity and corporate QA process with peer review of code. That is why big companies (should) have strict vetting procedures to help prevent such collusion. And is it really worth sacrificing a lucrative development career over 50% stake in a bug reward which would what? Amount to a few months salary at best.
 
Last edited:
  • Like
Reactions: amartinez1660

mistasopz

macrumors 6502
Apr 14, 2006
368
1,532
The Chinese government is run by Chinese. And yes, if you signaling out Chinese government, you are basically saying Chinese are cheaters and Chinese are theft.

But every government in the world do spy on each other, stealing information etc.
That's some pretty loopy logic there. If I criticise the Canadian government am I racist towards Canadians (after all it's run by Canadians)? Of course not, what ridiculousness. There are 1.4 billion Chinese people and being critical of their leadership is not the same thing as hating 1.4 billion people because of their ethnicity. And if you think you think they are your friend, you better read up on your own history (Nortel IP theft for example).
 

code-m

macrumors 68030
Apr 13, 2006
2,696
2,501
Aren’t you are being racist when you single out Chinese government?
Here we go let’s throw the race card on the table for any argument that does not seem favourable.

Short Answer: No this has nothing to do with race or has do with various governments not only China that indulge in these practises, China has a law that forces private companies to comply if those companies like it or not and becomes a pseudo extension of the military and Chinese government hence the skepticism.

Other governments do this to a certain extent but there is a guise of law via a warrant even though there are back door approaches to circumvent some but not all as it’s the illusion of citizen privacy vice China with its blatant law to disregard any citizen privacy.

FYI: I am a minority and I don’t live life with a racist tinted glasses, yes there are some bad actors but the majority are not. We cannot paint other races with hate.
 
  • Like
Reactions: planteater

code-m

macrumors 68030
Apr 13, 2006
2,696
2,501
That's some pretty loopy logic there. If I criticise the Canadian government am I racist towards Canadians (after all it's run by Canadians)? Of course not, what ridiculousness. There are 1.4 billion Chinese people and being critical of their leadership is not the same thing as hating 1.4 billion people because of their ethnicity. And if you think you think they are your friend, you better read up on your own history (Nortel IP theft for example).
Well Huawei does have a large office in the area, I would not dismiss anything tbh. Some cultures indoctrinate its citizens from birth to think of a common ideology and thus extends far beyond Chinese shores. A lot of studies and on going have been conducted. It’s not done by some mistake, actually the military and levels of government even corporations like Apple have similar boot camps tbh.
 

Hildy

macrumors member
Nov 29, 2011
36
36
What does Chinese government need from you?
Huawei vs Nortel. Ask the two Michael’s how that entire affair is going for them. Or all of the Canadian pensioners, shareholders and former employees tied to Nortel, (more than 1/3 of the total value of the TSX at one time).
 

bousozoku

Moderator emeritus
Jun 25, 2002
14,530
603
Lard
It's still interesting to see that Safari is a headliner every year, whereas Firefox has become difficult.

US$100,000 doesn't seem enough for such a huge problem.
 

citysnaps

macrumors G3
Oct 10, 2011
8,117
14,165
San Francisco
First of all, if you work for these type of companies, you are not suppose to install unauthorized apps on devices contains sensitive information.

Second of all, you are not suppose to store sensitive information on your personal information.

And you should understand the scope of your work responsibilities, what can be say and what cannot be said. And your company should also make sure their devices are encrypted and secure.

So what to afraid of?

That's easy. Up above you posed the question: "What does Chinese government need from you?"

I simply answered it, providing an example. And of course that's not limited to the Chinese government. Furthermore, it has little to nothing to do with how one stores classified information. More succinctly, what a foreign adversary needs is information. Doesn't even need to be a foreign adversary. Jonathan Pollard comes to mind.

A foreign adversary simply knowing who you are, where you live, your financial situation and weaknesses, your social/political weaknesses, the aerospace/defense/etc company or branch of the government you work for, can potentially set you up for being compromised and ultimately pressured to provide sensitive/classified information either via blackmail or for money, or both. That has been going on for longer than the availability of personal phones. And by many dozens of governments worldwide.
 
Last edited:
  • Like
Reactions: planteater

Havoc035

macrumors member
Apr 9, 2021
80
200
I think it's telling that rewards for Safari exploits were lower than those for Edge and Chrome. While all got exploited only Safari also had a breach of the sandbox. Apple needs to step-up their security game as they did with Blastdoor for iMessage.
 
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.