Slashdot Mirror

← Back to Stories (view on slashdot.org)

MacBook Hacked In Contest Via Zero-Day Hole in Safari

Posted by Zonk on from the and-the-winner-is dept.

EMB Numbers writes "Shane Macaulay just won a MacBook as a prize for successfully hacking OS X at CanSecWest conference in Vancouver, BC. The hack was based on a Safari vulnerability found by Dai Zovi and written in about 9 hours. CanSecWest organizers actually had to relax the contest rules to make the hack possible, because initially nobody at the event could breach the computers under the original restrictions. 'Dai Zovi plans to apply for a $10,000 bug bounty TippingPoint announced on Thursday if a previously unknown Apple bug was used. "Shane can have the laptop, I want the money," Dai Zovi said in a telephone interview from New York. TippingPoint runs the Zero Day Initiative bug bounty program.'"

6 of 156 comments (clear)

  1. Re:The Register is more informative. by jcr · · Score: 0, Troll

    There's a market for Vista vulnerabilities that pays far more than $25K for a zero-day exploit. You can bet than many more have been found, and are in use by zombie-net operators right now.

    -jcr

    --
    The only title of honor that a tyrant can grant is "Enemy of the State."
  2. Karma be dammned by The+Bungi · · Score: 0, Troll

    It says a lot about you and about Slashdot that you can hop on an article about someone hacking OS X, do your "M$ Windoze" routine and then get modded up for it. Seriously though, I'm sure that once Taco figures out his MySQL problems he'll have a tasty Microsoft FUD story for you to comment on. I suggest you wait for that?

  3. Re:The Register is more informative. by toadlife · · Score: 0, Troll

    Nah. Everyone knows marketshare has nothing to do with which platforms hackers target. If anything hackers would want to crack Vista just for the the notoriety. /offtopic rant: To the asshole that follows me around modding all my posts down: Keep wasting your mod point shithead. I've got more Karma than you'll ever have mod-points.

    --
    I don't always use unix-like operating systems; but when I do, I prefer FreeBSD.
  4. Re:switcher by Tickletaint · · Score: 0, Troll

    You know what's scary? I could tell you're a Mac user from the "oh-so-indie" spelling of "ur."

    --
    Make Slashdot readable! See journal.
  5. Re:Admin user or regular user? by Locklin · · Score: 1, Troll

    Can you easily run safari as admin on osx? Why would this be possible? If it is, thats a security vulnerability in it's self.

    It should never be easy for the user to do something completely stupid, otherwise they will!

    You are about to send your credit card information over an unencrypted channel Cancel or allow?

    --
    "Knowledge is the only instrument of production that is not subject to diminishing returns" -Journal of Political Econom
  6. Re:Explanatin of rules relaxation by Tickletaint · · Score: 0, Troll

    Indeed, this exploit is of absolutely no concern to anyone who doesn't use the internet, and anyone stating otherwise is a "FUDmeister."

    Is "Apple-haters" the new "lib'ruls"? IOW, people with legitimate concerns who get dismissed as traitors by people who were never real Mac users to begin with?

    Why do you hate Apple? Stop emboldening the enemy.

    --
    Make Slashdot readable! See journal.