MacBook Hacked In Contest Via Zero-Day Hole in Safari

EMB Numbers writes "Shane Macaulay just won a MacBook as a prize for successfully hacking OS X at CanSecWest conference in Vancouver, BC. The hack was based on a Safari vulnerability found by Dai Zovi and written in about 9 hours. CanSecWest organizers actually had to relax the contest rules to make the hack possible, because initially nobody at the event could breach the computers under the original restrictions. 'Dai Zovi plans to apply for a $10,000 bug bounty TippingPoint announced on Thursday if a previously unknown Apple bug was used. "Shane can have the laptop, I want the money," Dai Zovi said in a telephone interview from New York. TippingPoint runs the Zero Day Initiative bug bounty program.'"

Re:Admin user or regular user?

[Locklin]

Can you easily run safari as admin on osx? Why would this be possible? If it is, thats a security vulnerability in it's self.

It should never be easy for the user to do something completely stupid, otherwise they will!

You are about to send your credit card information over an unencrypted channel Cancel or allow?