MacBook Hacked In Contest Via Zero-Day Hole in Safari
EMB Numbers writes "Shane Macaulay just won a MacBook as a prize for successfully hacking OS X at CanSecWest conference in Vancouver, BC. The hack was based on a Safari vulnerability found by Dai Zovi and written in about 9 hours. CanSecWest organizers actually had to relax the contest rules to make the hack possible, because initially nobody at the event could breach the computers under the original restrictions. 'Dai Zovi plans to apply for a $10,000 bug bounty TippingPoint announced on Thursday if a previously unknown Apple bug was used. "Shane can have the laptop, I want the money," Dai Zovi said in a telephone interview from New York. TippingPoint runs the Zero Day Initiative bug bounty program.'"
CanSecWest organizers actually had to relax the contest rules to make the hack possible, because initially nobody at the event could breach the computers under the original restrictions.
Says it all, really.
Next time you wonder why Mac users are so arrogant about security, read the above passage till you get it.
The folks at CanSecWest miss the point as well: it's not that the Mac is perfect. It's only perfect compared to Windows. Compared to anything else, it's quite nice but not bulletproof.
Stop wasting people's time trying to find a pinprick in OS X and boycott MS until they plug the freakin' levee breaches in Windows. Until you do that, you're just encouraging Microsoft.
Good point! It's well known that Mac users never open Safari nor do they ever use web sites.