Slashdot Mirror


MacBook Air First To Be Compromised In Hacking Contest

Multiple readers have written to let us know that the MacBook Air was the first laptop to fall in the CanSecWest hacking contest. The successful hijacking took place only two minutes into the second day of the competition, after the rules had been relaxed to allow the visiting of websites and opening of emails. The TippingPoint blog reveals that the vulnerability was located within Safari, but they won't release specific details until Apple has had a chance to correct the problem. The winner, Charlie Miller, gets to keep the laptop and $10,000. We covered the contest last year, and the results were similar.

26 of 493 comments

  1. 0wnership by Anonymous Coward · · Score: 5, Funny

    Ah, the pride of 0wnership.

  2. do you hear that ? by Anonymous Coward · · Score: 5, Funny

    The sound of a million fanbois as they screamed Nooooooooooooo. I sense a disturbance in the reality distortion generator. Set comments to flamebait and activate the extra moderation modules, Captain Taco.

    1. Re:do you hear that ? by Lovat · · Score: 4, Funny

      You are correct, sir. Flamebait tags on both the story and half the comments here in 3 . . . 2 . . . 1 . . .

    2. Re:do you hear that ? by ta+bu+shi+da+yu · · Score: 2, Funny

      The assumption that I was criticising him is all yours, good sir.

      --
      XML is like violence. If it doesn't solve the problem, use more.
  3. Better headline by BadAnalogyGuy · · Score: 5, Funny

    Safari browser has massive security hole.

    It's funny how they turned a huge hole in the Safari browser into a commercial for the Mac Air.

    "Small size, big holes"

    1. Re:Better headline by ilikejam · · Score: 5, Funny

      There's a 'yo mama' joke in there somewhere.

      --
      C-x C-s C-x k
  4. Keep the laptop by iliketrash · · Score: 4, Funny

    "The winner, Charlie Miller, gets to keep the laptop and $10,000."

    You mean like when your airplane flight is cancelled and the airline offers you a free ticket. Or when the food at a restaurant is crappy and they give you a coupon to eat there again.

  5. Would you want a Vista machine? by Anonymous Coward · · Score: 1, Funny

    Seriously... Microsoft can't even pay people to take it, let alone get them to put in effort to get one.

  6. Re:Identical articles by Anonymous Coward · · Score: 5, Funny

    The Vista machine would have been hacked quicker if it ran faster

  7. Re:Get the Facts is a better tag. by Anonymous Coward · · Score: 5, Funny

    Yes. The totally unbiased facts from a guy with "Mac" in his username.

  8. Re:Ouch, that didn't take long. by Almahtar · · Score: 2, Funny

    The crap load is a metric unit?

  9. Safari holed, so Apple pushes it to Windows ;) by Marbleless · · Score: 3, Funny

    So it is just coincidence that Apple are now pushing an unsafe Safari to Windows users (http://apple.slashdot.org/article.pl?sid=08/03/27/129236)?

    Or am I being a conspiracy nut? ;)

    --
    --I thought I was wrong once, but I was mistaken.
  10. Re:And in other news..... by linumax · · Score: 5, Funny

    "We Love Microsoft and Hate All Things Apple." O_O Are we on the same slashdot? We all are on the same website; some posters though, are inside the Reality Distortion Field.
  11. Re:Ouch, that didn't take long. by Anonymous Coward · · Score: 3, Funny

    Sorry, you are confusing the Fuck-ton with the Ass-Load. The Imperial Ass-Load is the comparable unit. Fuck-ton is for measuring mass, not volume.

  12. Re:Get the Facts is a better tag. by exley · · Score: 5, Funny

    The contest was also sponsored by the likes of Google, Cisco, Adobe, some security folk... They must all have it in for Apple, oh no Apple is screwed! Plus if you read how the contest was run, it's hard to make the case that this was all pro-MS.

    Get the facts... Up to the point where they support your agenda and then punt.

  13. Re:I think this section is relevant by mrbluze · · Score: 2, Funny

    Pretty much says it all.

    Yeah. A Laptop is safe, even connected to a network, provided you make no contact with the network as the user.

    Like my car - very very safe as long as you don't back it out of the garage.

    --
    Do it yourself, because no one else will do it yourself. [beta blockade 10-17 Feb]
  14. Re:It Might Have Been Harder if... by moderatorrater · · Score: 4, Funny

    You're right. With a stricter firewall, the browser wouldn't have been able to fetch anything over the internet at all.

  15. Re:Identical articles by Basehart · · Score: 2, Funny

    "So the security will be even more relaxed on the third day because Ubuntu and Vista survived the first two days without a hack. The Mac finished last and is out of the race."

    The Mac actually won because it was the first one to be exploited.

  16. Re:Inquiring minds... by moderatorrater · · Score: 5, Funny

    Does "first to be compromised" mean the only one to be compromised? At this time, it was the only one hacked. The contest continues tomorrow.

    Is the contest completely over once one machine is cracked? It continues tomorrow with more 3rd party apps installed that can be used to break into the system. I don't see much chance of the other two making it through tomorrow, but that depends on the programs they install.

    If not, were Windows and Ubuntu cracked minutes or hours after OS X? They're both still un-cracked.

    Does using Firefox on OS X make it uncrackable? If you plug one hole in a sieve, will it hold water?

    Was each OS required to use its own browser: IE, Safari, and Epiphany? They had to use the software that comes pre-installed on the machine.

    Since Firefox works on all 3 systems, wouldn't that be a better gauge of OS security? Only if Firefox came preinstalled on all 3 systems.

    Where did I come from? Your mother's vagina. Hopefully you've never been back.

    Why is the sky blue? Do I look like Einstein?
  17. Forking Acronyms by Safiire+Arrowny · · Score: 2, Funny

    "Super user do", sounds better than "switch user do", so from here on, that's what it's going to stand for. I'm also changing the G in GNU to stand for GNU *is* Unix. Good day to you.

  18. Re:That VAIO might be worth pwning by jerw134 · · Score: 2, Funny

    If it were in my neighborhood, I might go by and pick one or the other up (if no one beat me to it). I want a lightweight portable to take on the train. Yeah, I'm sure you could just drop by and win one of the laptops. You dolt, these people have been preparing for this contest for the better part of a year, and the Vista and Linux laptops still weren't hacked by the end of day two. I can tell by your posts that you're not that smart, so I have no idea how you think you'd win either of the laptops.
  19. Re:Identical articles by E+IS+mC(Square) · · Score: 3, Funny

    "Maybe I'm being ignorant" he says. Give him a chance. Give him one. ..."but was the same attention devoted to hacking the other systems?" Naah.. he lost it, the ignorant fool.

  20. Re:Owning Beauty by el+americano · · Score: 2, Funny

    All the Apple patches in the world won't save you from this exploit

    How about Firefox + NoScript? Actually I was hoping for an OS vulnerability, something where you can be targeted, but I suppose everyone deserves credit this time around.

    Too bad David Maynor wasn't there. He woulda hacked the MacBook Air in 5 minutes!

    --
    Those are my principles. If you don't like them I have others. -Groucho Marx
  21. Re:Identical articles by Anonymous Coward · · Score: 1, Funny

    If the winner got to keep it if they hacked it, maybe nobody *wanted* to hack the Vista machine? :-)

  22. Re:Identical articles by drsmithy · · Score: 2, Funny

    Well, they let them use a Vista laptop because Windows 7 isn't available yet (not sure it means anything, but Microsoft is still an OS generation behind Apple).

    You seem to have that arse-about-face. In every way except the display system, even Windows NT 3.51, dating from the early '90s, was a generation ahead of OS X until about 10.4/10.5. Vista leapfrogged ahead with the display system, while 10.4 and 10.5 brought in parity with lower level aspects like fine-grained locking and an ACL-based security system (albeit still only applicable to the filesystem). For all intents and purposes they're equivalent, although arguably Windows is slightly ahead because of its better display system and more active development time.

  23. Re:I think the relevant part is: by catwh0re · · Score: 3, Funny

    While this does make sense on the surface, the point of failure is that the hackers are not just entering the competition and trying their luck with random keystrokes. Each person is coming to the event with something they have prepared earlier. (Hence why the machine fell in 2 minutes, it fell with the first attempt.) This hacker targeted the mac for the follow-on benefits, it's a valuable prize and it'll earn him a lot of press. Now he can charge more per hour for his security consulting.

    No one is going to be interested in the fact that it required user-assistance and can't be executed remotely (which are by far the most worrisome.)