http://news.yahoo.com/s/infoworld/20080327/tc_infoworld/96676
PWN 2 OWN - Macbook Air gets hacked in 2 minutes…
Oh Noes Apple!!!
:roll2:
Wouldn’t that be an OS issue and not really just an airbook issue? :lol:
hahaha, right on.
he’s a smart dude… first a 350z, now 10K bucks
Yea, I believe it said this was a safari issue…
It was the 2nd day of the event, not the first 2 minutes… And if it was a Safari or Webkit exploit then the code that was executed would have been running with only user privileges. Not that that’s any better but we won’t know for sure until the code is released. Either way I’m a bit disappointed the Mac was taken down first.
Well, it brings the arguement back to “all things being equal” since none of the OS’ in question were giving anything up until they did that.
I just pointed this out for all the Mac humpers on this forum, cough cough dozr. 
meh
-
So he was able to hack the computer only after he was physically using it, using exploit code retrieved from his own website… Congrats!
-
I do not “hump” apple products. I value good product and interface design, and apple just happens to kick ass at both. I was a “PC Guy” for a very long time, I was only swayed after actually using these products on a daily basis.
-
I certainly have never claimed that Apple (or any other company) produced perfect code… that would be a ridiculous claim to make about any piece of software.
-
You are a douchebag.
I’m pretty sure that the article states he didn’t have physical access to it. I believe he directed the event organizer to a website with the exploit code on it.
Nobody was able to hack into the systems on the first day of the contest when contestants were only allowed to attack the computers over the network, but on Thursday, the rules were relaxed so that attackers could direct contest organizers using the computers to do things like visit Web sites or open e-mail messages.
Miller, best known as one of the researchers who first hacked Apple’s iPhone last year, didn’t take much time. Within 2 minutes, he directed the contest’s organizers to visit a Web site that contained his exploit code, which then allowed him to seize control of the computer, as about 20 onlookers cheered him on.
He was the first contestant to attempt an attack on any of the systems.
Miller was quickly given a nondisclosure agreement to sign, and he’s not allowed to discuss particulars of his bug until the contest’s sponsor, TippingPoint, can notify the vendor.
Contest rules state that Miller could only take advantage of software that was preinstalled on the Mac, so the flaw he exploited must have been accessible by, or possibly inside, Apple’s Safari browser.
nobody was able to hack any of the systems until they executed some bad code inside of a browser or other software.
and it had to be via OEM software.
So, OS or Browser hole.
amirite?
yup, you are correct
on 3rd day, if nobody was able to break in, then I think they’d be able to start using 3rd party/tainted software to gain access
It’s not that kid.
your right… my bad.
it appears that the guy who won, Charlie Miller, is ex-NSA, no shit
the only thing owned in this thread is RuBiCaNT
well, I think the point is… if you phished someone to another site, or somehow gained access over a site frequented by mac users and discreetly injected that code into the page, you’d compromise a lot of people. Not that IE is any better
firefox +noscript plugin FTMFW
I wonder if it was the .Tif exploit