Free Republic
News/Activism

Apple and Microsoft get trashed by hackers again
The Inquirer (not the tabloid) | 25 Mar 2010 | Nick Farrell

Posted on 03/27/2010 11:48:17 AM PDT by for-q-clinton

DESPITE THE RABID CLAIMS of Apple fan boys that its software is more secure than anything else on the market, Jobs' Mob products were the first to be trashed again at a Pwn2Own hacking competition.

In fact flaws in the iPhone OS and zero-day vulnerabilities in Apple's Safari 4 web browser made a mockery of Apple's advertising.

Flaws were also found in Mozilla Firefox and Internet Explorer 8 but apparently hackers had some trouble getting around exploitation mitigations in Windows 7, although eventually they did.

Vincenzo Iozzo and Ralf Weinmann were the first to successfully hack a mobile device, exploiting a flaw in the iPhone Safari browser to send the phone's SMS messages to a remote web server.

Researcher Charlie Miller, principal security analyst at Independent Security Evaluators, quickly exploited a vulnerability in the desktop version of Safari running on Mac OS X. He won $10,000 for the exploit, which was one of 20 zero-day bugs that Apple fanbois deny exist in OS X.

Miller's exploit opened up a remote shell, which he accessed and was able to run any malicious code he wanted. We guess it just worked!

Miller has said in the past that he is unhappy with Jobs' Mob's secure software development processes. While he will be telling them about the flaw that won the competition for him, he will be sitting on the other 19. Perhaps it will act as an incentive for Apple to get off its lazy arse and develop a security policy with some meaning rather than screwing around with punters while at the same time insisting they are safe.

Miller said discovering the 20 zero-day vulnerabilities took him only three weeks using three computers, so who knows what he would have found if he had kept looking.

Microsoft's Internet Exploder 8 eventually got turned over and Peter Vreugdenhil managed to get past its insecurity mitigation technologies. The flaw can be exploited if a user browses to a malicious website.

Fireferret was also successfully exploited by bypassing ASLR and DEP.

UK-based MWR Infosecurity targeted a memory vulnerability. It started a calculator on a laptop running Windows 7.

The most secure web browser out there was Google's Chrome 4 running on Windows 7.

No one bothered to take down Google's Nexus One, a RIM Blackberry Bold 9700 or a Nokia E72 device running Nokia's Symbian OS.


TOPICS: Crime/Corruption; Miscellaneous; News/Current Events
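The "exploitation mitigations" the article says slowed the IE8 and Firefox entries on Windows 7 are DEP and ASLR, and on Windows 7 both are per-binary opt-ins recorded by the linker in the DllCharacteristics field of the PE optional header. As an added example that is not part of the article or of this thread, the Python script below reads that field from a PE image and reports which mitigations the image opts in to; the minimal PE headers it builds are constructed test input, not real binaries, and the file name pe_mitigations.py in the usage comment is an assumption.

```python
"""Report which Windows exploit mitigations a PE binary opts in to.

DEP (NX) and ASLR are per-image opt-ins on Windows 7: the linker records them
in the DllCharacteristics field of the PE optional header. This script parses
that field directly, with no third-party dependencies, and also builds
constructed (non-runnable) PE headers so the check can be exercised offline.
"""
import struct
import sys

# DllCharacteristics bits from the PE/COFF specification.
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA = 0x0020  # 64-bit ASLR entropy
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE = 0x0040     # ASLR: image may be rebased
IMAGE_DLLCHARACTERISTICS_NX_COMPAT = 0x0100        # DEP: data pages not executable
IMAGE_DLLCHARACTERISTICS_NO_SEH = 0x0400           # image uses no SEH handlers
IMAGE_DLLCHARACTERISTICS_GUARD_CF = 0x4000         # Control Flow Guard

PE32_MAGIC = 0x10B
PE32PLUS_MAGIC = 0x20B


def read_dll_characteristics(data: bytes) -> int:
    """Return the DllCharacteristics field of a PE image held in memory."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("not a DOS/PE image")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("bad PE signature")
    coff = e_lfanew + 4                       # 20-byte COFF file header
    size_of_optional = struct.unpack_from("<H", data, coff + 16)[0]
    opt = coff + 20                           # optional header follows COFF
    if size_of_optional < 72 or len(data) < opt + 72:
        raise ValueError("optional header too short")
    magic = struct.unpack_from("<H", data, opt)[0]
    if magic not in (PE32_MAGIC, PE32PLUS_MAGIC):
        raise ValueError("unknown optional header magic 0x%x" % magic)
    # DllCharacteristics is at offset 70 in both the PE32 and PE32+ layouts.
    return struct.unpack_from("<H", data, opt + 70)[0]


def mitigation_report(data: bytes) -> dict:
    """Map the opt-in bits to the mitigations they enable."""
    dc = read_dll_characteristics(data)
    return {
        "dep": bool(dc & IMAGE_DLLCHARACTERISTICS_NX_COMPAT),
        "aslr": bool(dc & IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE),
        "high_entropy_va": bool(dc & IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA),
        "no_seh": bool(dc & IMAGE_DLLCHARACTERISTICS_NO_SEH),
        "cfg": bool(dc & IMAGE_DLLCHARACTERISTICS_GUARD_CF),
    }


def build_fake_pe(dll_characteristics: int, pe32plus: bool = False) -> bytes:
    """Construct a minimal PE header (constructed test input, not a real binary)."""
    e_lfanew = 0x80
    dos_header = (b"MZ" + b"\0" * (0x3C - 2)
                  + struct.pack("<I", e_lfanew)).ljust(e_lfanew, b"\0")
    machine = 0x8664 if pe32plus else 0x14C   # AMD64 or i386
    size_of_optional = 240 if pe32plus else 224
    coff_header = struct.pack("<HHIIIHH", machine, 0, 0, 0, 0,
                              size_of_optional, 0x0102)
    optional = bytearray(size_of_optional)
    struct.pack_into("<H", optional, 0,
                     PE32PLUS_MAGIC if pe32plus else PE32_MAGIC)
    struct.pack_into("<H", optional, 68, 2)   # Subsystem: WINDOWS_GUI
    struct.pack_into("<H", optional, 70, dll_characteristics)
    return dos_header + b"PE\0\0" + coff_header + bytes(optional)


if __name__ == "__main__":
    # Usage: python pe_mitigations.py file.exe [more.dll ...]
    # With no arguments, report on two constructed headers instead.
    targets = sys.argv[1:]
    if targets:
        for path in targets:
            with open(path, "rb") as fh:
                print(path, mitigation_report(fh.read()))
    else:
        hardened = build_fake_pe(IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
                                 | IMAGE_DLLCHARACTERISTICS_NX_COMPAT)
        legacy = build_fake_pe(0, pe32plus=True)
        print("hardened:", mitigation_report(hardened))
        print("legacy:  ", mitigation_report(legacy))
```

Two caveats matter when reading the report. Windows 7 client systems default to the DEP "OptIn" policy, so an executable without NX_COMPAT runs with DEP off unless policy forces it on; and ASLR only helps if every module loaded into the process carries DYNAMIC_BASE, because one non-randomised DLL hands an attacker fixed addresses to build on. Opting in is necessary but, as the IE8 and Firefox results in the article show, not sufficient on its own.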
To: dayglored
Anyway, if you happen to know the number of active Macs, I'd be interested. If you want you can just FReepmail me a link or something. Thanks!

It's a little under 50,000,000 right now... but that probably will be changing rapidly.

41 posted on 03/29/2010 4:02:27 AM PDT by Swordmaker (Remember, the proper pronunciation of IE isAAAAIIIIIEEEEEEE!)

To: antiRepublicrat
And, no, don’t bring out the failed numbers argument. Successful viruses have been written to specifically target systems with a far lower installed base than OS X’s 30 million, more like in the thousands.

OSX passed the 30 million mark three years ago... and Apple has been selling approximately 10 million a year since then... Allowing for retirement and destruction of replaced machines, the current estimate is a little under 50,000,000 OSX Macs in operation.

42 posted on 03/29/2010 4:04:55 AM PDT by Swordmaker (Remember, the proper pronunciation of IE isAAAAIIIIIEEEEEEE!)

To: for-q-clinton

One usually has to go to MSDNC to see this kind of quality reporting. Long on opinion, short on facts. Fact - many systems were beaten. Which took the longest - can’t really tell. Which leave users most vulnerable - again, can’t really tell. If nothing else, I hope the author's axe is now sharp...


43 posted on 03/29/2010 5:46:03 AM PDT by LearnsFromMistakes (Yes, I am happy to see you. But that IS a gun in my pocket.)

To: LearnsFromMistakes
took the longest - can’t really tell.

I read that Mac OS X with Safari was the first to be beaten (at least of the computer type systems...iPhone may have been actually the first though).

44 posted on 03/29/2010 5:59:24 AM PDT by for-q-clinton (If at first you don't succeed keep on sucking until you do succeed)

To: for-q-clinton

http://tech.blorge.com/Structure:%20/2008/03/28/macbook-air-slain-first-in-hacking-competition-os-x-not-os-god/

A little more info at this link. Not sure why they aren’t including more detail, nerds eat this stuff up...


45 posted on 03/29/2010 6:04:24 AM PDT by LearnsFromMistakes (Yes, I am happy to see you. But that IS a gun in my pocket.)

To: LearnsFromMistakes
One usually has to go to MSDNC to see this kind of quality reporting. Long on opinion, short on facts. Fact - many systems were beaten. Which took the longest - can’t really tell. Which leave users most vulnerable - again, can’t really tell. If nothing else, I hope the author's axe is now sharp...

Yup. What I'd be most interested in learning is if any of the attacks elevated the attacker's privs to allow them to actually install software or (silently) make changes to the existing configuration. If it's just an overflow that crashes a browser, that's one thing. If it allows for the installation of a trojan, that's completely different. These are the types of details that would make the article actually informative, rather than just a pithy opinion piece.

Regarding the time involved for the hack, in this type of scenario, it is really meaningless as these people come with prepared scripts and/or websites to exploit previously discovered defects. OTOH, if it takes someone 10 minutes from the start of the attack to the successful exploit, that would generally indicate the attack is impractical from an automated attacker's perspective.



46 posted on 03/29/2010 7:08:43 AM PDT by zeugma (Proofread a page a day: http://www.pgdp.net/)

To: Swordmaker; for-q-clinton; LearnsFromMistakes
re: which system was compromised the quickest...

These speed competitions are exciting, and make a lot of splash, but aren't all that useful for system comparisons. Any system can be compromised, given physical access to the machine. Every system.

We all realize that in a speed competition like this, it's really about how prepared the hacker is, how quickly their script runs, etc. The simplicity or complexity of the exploit has little to do with it, since these are all scripted and practiced ahead of time. The time it takes to execute actually has very little relevance to the relative security of the system -- ANY compromise is a compromise. And every system can be compromised if you have physical access to it.

Almost every existing real virus is based on OLD exploits, in systems that aren't patched, or whose operators allow them to be compromised. Very few real viruses are based on recently discovered exploits, and those that are, are extremely newsworthy.

Speaking as a life-long (58, since 1970) computer professional with decades of experience in ALL these systems, a more meaningful speed/time-related measurement would be this:

Starting at the date/time of the competition, how long will it take for the successful exploit to be realized in a self-replicating virus?
Right? Otherwise, who gives a damn? Seriously. We all know and agree that every system has flaws and can be compromised given physical access to the machine. What matters is whether it can be realized as a virus that can travel.

In that regard, Win7, OS-X, Linux, BSD, are all quite robust these days, and improving.

Anything less than a self-replicating virus is just wanking in the laboratory, and some marketing-driven contrived competitions based on having physical access to the box. Exciting? Sure. Meaningful? Not so much. Let's not confuse this sideshow with reality, which is tens of millions of computers in the wild, not one computer in a lab.

47 posted on 03/29/2010 7:17:15 AM PDT by dayglored (Listen, strange women lying in ponds distributing swords is no basis for a system of government!)

To: for-q-clinton
let's see...

1. Apple fanbois (in article itself)

2. Apple zealots (in post #1)

3. Macbots (#3)

4. Swordmaker and the other Macbots (Specific mention of fellow freeper at post #12)

So. We have 46 posts. 4 insults to people who use Apple computers. One aimed specifically at a fellow freeper. Zero similar insults aimed at MS-Windows users.

48 posted on 03/29/2010 7:24:23 AM PDT by zeugma (Proofread a page a day: http://www.pgdp.net/)

To: LearnsFromMistakes
Thanks for the link. There was a little more information, but it was still long on rhetoric, and short on details.
49 posted on 03/29/2010 7:26:22 AM PDT by zeugma (Proofread a page a day: http://www.pgdp.net/)

To: for-q-clinton
I read that Mac OS X with Safari was the first to be beaten (at least of the computer type systems...iPhone may have been actually the first though).

That means absolutely nothing... As I understand the rules, the time slots are drawn by lots except that last year's winner, if he is competing, always gets the first shot. Charlie Miller has been the winner for the last four years. That means that Charlie Miller had the first 15-minute slot to make the first attempt. The rest have to wait their turn. Ergo, since he was up first, and he made his attempt at OSX, it got beaten first.

50 posted on 03/29/2010 2:25:45 PM PDT by Swordmaker (Remember, the proper pronunciation of IE isAAAAIIIIIEEEEEEE!)

To: LearnsFromMistakes
A little more info at this link. Not sure why they aren’t including more detail, nerds eat this stuff up...

that's the 2008 contest...

51 posted on 03/29/2010 2:26:50 PM PDT by Swordmaker (Remember, the proper pronunciation of IE isAAAAIIIIIEEEEEEE!)

To: Swordmaker

And that is your damage control? That is pretty weak. The article does say that IE8 with Win 7 was a bit tougher than usual and they thought it was going to go unbeaten. But it went down as well...but just not as quickly as OS X with Safari (regardless of order).


52 posted on 03/29/2010 3:23:23 PM PDT by for-q-clinton (If at first you don't succeed keep on sucking until you do succeed)

To: for-q-clinton
And that is your damage control? That is pretty weak. The article does say that IE8 with Win 7 was a bit tougher than usual and they thought it was going to go unbeaten. But it went down as well...but just not as quickly as OS X with Safari (regardless of order).

Damage control? Not doing damage control... just reporting the truth. Windows 7 took a lot from OSX...

53 posted on 03/29/2010 3:26:24 PM PDT by Swordmaker (Remember, the proper pronunciation of IE isAAAAIIIIIEEEEEEE!)

To: zeugma; Swordmaker
From the link posted above:

On the first day, contestants were only allowed to attack the machines over the network. The second day, Thursday, allowed hackers to command contest officials to do small specific tasks, and this is when Miller soared. He asked officials to visit a specific site, giving him near instant control of the MacBook Air through a Safari exploit.

It’s likely the reason the Mac was hacked first is because it may have been the most sought after prize. After all, it is a free MacBook Air. Despite the machine’s allure, the Vaio and Fujitsu would make great second-place prizes, but the hackers were unable to breach Linux and Vista — yes, the remixed Windows XP mess that is known as Vista held its ground on the second day. Vista didn’t even budge as Shane Macauley, one of last year’s winners, spent a good chunk of Thursday trying to crack it.

Maybe it's just me but a hacker being able to read my files is a pretty big deal...all for just visiting a website. So if that website is run by one of those "inferior" non-Mac OS's that may actually be harder to crack, but nonetheless inferior, and had been exploited, that hacker could then own the data on your OS X machine. Not good.

54 posted on 03/29/2010 3:29:49 PM PDT by for-q-clinton (If at first you don't succeed keep on sucking until you do succeed)

To: Swordmaker

Ah...I was wondering why that link said VISTA and not win 7...I thought it was a typo.

I had no idea OS X was this weak a year ago! Man I haven’t been keeping up.


55 posted on 03/29/2010 3:30:49 PM PDT by for-q-clinton (If at first you don't succeed keep on sucking until you do succeed)

To: zeugma

I know you need to go to the windows is junk thread to see the attacks on windows and its userbase.

In this thread the Mac guys hid from it as long as possible, but in those windows (and linux) is hacked threads they are all over the place and early.


56 posted on 03/29/2010 3:32:51 PM PDT by for-q-clinton (If at first you don't succeed keep on sucking until you do succeed)

To: for-q-clinton
I was wondering if they would show up at all. I'm still waiting for them to own up that OSX isn't infallible and just maybe admit that they resent the fact that Windows 7 is a superior OS to OSX.

Swordmaker what ideas were borrowed/stolen from OSX that were implemented in Windows 7? This ought to be good...

57 posted on 03/29/2010 3:49:52 PM PDT by Blue Highway ("Judge me by the people with whom I surround myself" Barack Obama, Oct 15, 2008 Presidential debate)

To: Swordmaker

Swordmaker what ideas were borrowed/stolen from OSX that were implemented in Windows 7? This ought to be good...


58 posted on 03/29/2010 3:51:16 PM PDT by Blue Highway ("Judge me by the people with whom I surround myself" Barack Obama, Oct 15, 2008 Presidential debate)

To: Blue Highway

And they really haven’t jumped in on this thread either.
http://www.freerepublic.com/focus/f-news/2482396/posts

But of course it may be because the title is misleading. But it does say Apple has pulled all ads from Fox News because it doesn’t like its politics.

Not sure how well that goes over with them on a conservative forum.

I know MS has some liberal issues too, but nothing as bad as Apple. And MS won a Freedom Award...the highest employer recognition award by DoD. http://www.freedomaward.mil/
http://blog.seattlepi.com/microsoft/archives/179508.asp

So from a conservative standpoint, and now even a security standpoint, I’d say Microsoft is the better option between the two for now.


59 posted on 03/29/2010 3:58:55 PM PDT by for-q-clinton (If at first you don't succeed keep on sucking until you do succeed)

To: for-q-clinton
— yes, the remixed Windows XP mess that is known as Vista held its ground on the second day. Vista didn’t even budge as Shane Macauley, one of last year’s winners, spent a good chunk of Thurday trying to crack it

That was one of the most surprising aspects of this year's contest, and is actually a really promising sign. It probably won't happen, but I'd love to see a year go by with no successful hacks. I think it's great that all three major OSs had no non-user-initiated remote exploits. That's good for the vendors, and good for the users as well.

60 posted on 03/29/2010 4:55:56 PM PDT by zeugma (Waco taught me everything I needed to know about the character of the U.S. Government.)



Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson