+ Post New Thread
Results 1 to 11 of 11
IT News Thread, Mac's hacked in seconds second year running! in Other News; Many people may remember Charlie Miller from last year's event where he successfully hacked a MacBook and was able to ...
  1. #1

    ZeroHour's Avatar
    Join Date
    Dec 2005
    Location
    Edinburgh, Scotland
    Posts
    5,641
    Thank Post
    894
    Thanked 1,314 Times in 798 Posts
    Blog Entries
    1
    Rep Power
    441

    Mac's hacked in seconds second year running!

    Many people may remember Charlie Miller from last year's event where he successfully hacked a MacBook and was able to take control over it within seconds, walking away with the MacBook and the grand prize.

    Charlie Miller once again successfully hacked the fully patched MacBook by exploiting a security vulnerability in Safari, Apple's web browser. The hack was accomplished by the team clicking on a link that took control of the machine within seconds. Charlie Miller walked away with the MacBook and the $10,000 top prize after successfully hacking the MacBook the fastest.

    TippintPoint's Zero Day Initiative has acquired exclusive rights to the vulnerability, and will work with Apple to patch the flaw. Details about the attack will not be disclosed until the patch is ready.
    Source: MacBook hacked in seconds, again

    LOL epic fail again!

  2. #2

    Domino's Avatar
    Join Date
    Oct 2006
    Location
    Bromley
    Posts
    4,126
    Thank Post
    215
    Thanked 1,255 Times in 786 Posts
    Blog Entries
    4
    Rep Power
    505
    He had the vuln ready almost since last year...the mac only went down first becasue he had first crack..

    You'll notice firefox and IE went down just after as well - only chrome is still up (no opera in this one..)

    and I don't know how good their reporting is...but its $5,000 per browser, and the machine you compromised

  3. #3

    ZeroHour's Avatar
    Join Date
    Dec 2005
    Location
    Edinburgh, Scotland
    Posts
    5,641
    Thank Post
    894
    Thanked 1,314 Times in 798 Posts
    Blog Entries
    1
    Rep Power
    441
    It went down fastest because it was easiest!
    The other thing is most mac users dont run any security software since they think they are immune. If you were targeted by this hack you wouldnt even know it happened properly where as at least windows users have a chance of it being found via AV,windows defender, windows update malware pack.
    Thats the real point of this, your mac is LESS SECURE THEN WINDOWS VISTA! run software to secure yourself as appropriate and dont just believe lord jobs.

  4. #4

    Little-Miss's Avatar
    Join Date
    Oct 2007
    Location
    London
    Posts
    5,514
    Thank Post
    2,373
    Thanked 742 Times in 455 Posts
    Blog Entries
    2
    Rep Power
    541
    As if there are even competitions out there!!

    I suppose its better then finding out the hard way...

  5. #5
    somabc's Avatar
    Join Date
    Oct 2007
    Location
    London
    Posts
    2,337
    Thank Post
    83
    Thanked 388 Times in 258 Posts
    Rep Power
    111
    Quote Originally Posted by ZeroHour View Post
    It went down fastest because it was easiest!
    The other thing is most mac users dont run any security software since they think they are immune. If you were targeted by this hack you wouldnt even know it happened properly where as at least windows users have a chance of it being found via AV,windows defender, windows update malware pack.
    Thats the real point of this, your mac is LESS SECURE THEN WINDOWS VISTA! run software to secure yourself as appropriate and dont just believe lord jobs.
    Don't believe the hype, windows so called security products would have done nothing to protect you here. These hackers used vulnerabilities that only they knew about, not anything your AV scanner would have picked up. Also they had to click on a link to be infected they could not infect the mac without access.

    PS The Mac was competing with Windows 7, not Vista.

  6. #6

    ZeroHour's Avatar
    Join Date
    Dec 2005
    Location
    Edinburgh, Scotland
    Posts
    5,641
    Thank Post
    894
    Thanked 1,314 Times in 798 Posts
    Blog Entries
    1
    Rep Power
    441
    Yeh vista took longer to hack and they used FF on it. These holes could very easily be known about by the crims considering they are paid much more to find them. Just because no one has found live usage of the exploits it doesnt mean there wont be.

    I know the limitations of the windows freebies but its better then nothing like what you get on a mac. At least there is a chance they find a way to remove it and send it out. TONS have been fixed this way if you pull the stats and it has helped a lot of people.

    My point truly is, if you have a mac and think your immune and dont need AV software think again!
    Its for those out there that think it cant get hacked or that its somehow magically better then windows.

  7. #7

    Domino's Avatar
    Join Date
    Oct 2006
    Location
    Bromley
    Posts
    4,126
    Thank Post
    215
    Thanked 1,255 Times in 786 Posts
    Blog Entries
    4
    Rep Power
    505
    they took about the same time to hack -

    'go to this site, click on that'

    the mac guy went first.....cause he won last year

  8. #8
    Butters's Avatar
    Join Date
    Jun 2008
    Location
    London
    Posts
    534
    Thank Post
    15
    Thanked 51 Times in 45 Posts
    Rep Power
    60
    Quote Originally Posted by Domino View Post
    they took about the same time to hack -

    'go to this site, click on that'

    the mac guy went first.....cause he won last year
    Yea it seems a bit odd that they are glorifying his hacking skill when physically the end user has to click a link to let him in.

    Bit like having to invite a vampire in before he can come in your house.

    "Sorry mate, not tonight"

  9. #9

    Domino's Avatar
    Join Date
    Oct 2006
    Location
    Bromley
    Posts
    4,126
    Thank Post
    215
    Thanked 1,255 Times in 786 Posts
    Blog Entries
    4
    Rep Power
    505
    well - the clever bit was finding that vulnerability - but he is a mac security expert.

    this year theres a whole host of mobile devices involved too - so I expect that'll be interesting once the results are published.

    also: remind me Shaun, what phone do you have.....?

  10. #10
    HAB
    HAB is offline

    Join Date
    Nov 2009
    Location
    ALSAKA
    Posts
    1
    Thank Post
    0
    Thanked 0 Times in 0 Posts
    Rep Power
    0

    keylogger binding and remote deployment for quick click user activation

    Can keyloggers such as Aobo Mac OS X Keylogger and Perfect Keylogger for Mac be binded ( disguised eg. video file ) and sent/deployed remotely through email to a target Mac for activation by the user ?

  11. #11
    torledo's Avatar
    Join Date
    Oct 2007
    Posts
    2,928
    Thank Post
    168
    Thanked 155 Times in 126 Posts
    Rep Power
    47
    Quote Originally Posted by ZeroHour View Post
    It went down fastest because it was easiest!
    The other thing is most mac users dont run any security software since they think they are immune. If you were targeted by this hack you wouldnt even know it happened properly where as at least windows users have a chance of it being found via AV,windows defender, windows update malware pack.
    Thats the real point of this, your mac is LESS SECURE THEN WINDOWS VISTA! run software to secure yourself as appropriate and dont just believe lord jobs.
    i've read a number of interviews charlie miller has done over the last year, and i can't remember one where he goes out of his way to recommend users get an anti-virus solution for their mac.

    Also, leopard and snow leopard may be technically less secure than vista/7, but that's different to how safe a user is on the relative platforms. Aren't most [all?] viruses and worms targetted for the windows OS becuase of the economics aspect. The question of why should those who write malicious code for criminal purposes double the time writing exploits for an OS with such a much smaller market share.

    It seems that those who do highlight flaws such as this in OSX and it's apps want Apple themselves to take the onus to secure the operating system, rather than burden users with loads of third party 'security' apps potentially slowing the system down [ i don't think it's the presence of Windows Defender and AV engines that makes Vista the OS more secure but the changes under the hood MS have made],

    Because apple are far less of a niche player then before, and with increased market share they run the risk of not being able to have an OS that makes it more difficult for exploit writers should it become more targeted.

    As others have said, would a zero day problem like this have been picked up by an AV engine, surely OSX users can't do much beyond keeping the OS and Apps patched [which apple presumably recommend], and use a different browser for the mac if they are paranoid about that.
    And hopefully some day Apple can secure the OS in the manner that Miller has repeatedly called for. Ironically, it's Apple who recommend users run anti-Virus on OSX , so it sounds like your on message with 'Lord Jobs'.

SHARE:
+ Post New Thread

Similar Threads

  1. Laptop - PROBLEM,screen goes off after 5 seconds
    By ltunstall in forum Hardware
    Replies: 17
    Last Post: 28th April 2010, 11:18 AM
  2. New netbooks(?) for Year R/Year 1
    By LeMarchand in forum Hardware
    Replies: 15
    Last Post: 12th March 2009, 02:39 PM
  3. New To Mac's
    By SSFC in forum Mac
    Replies: 8
    Last Post: 10th January 2008, 03:27 PM
  4. WEP cracked in 60 Seconds
    By Tom_ONI in forum Wireless Networks
    Replies: 3
    Last Post: 5th April 2007, 10:14 AM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •