Posted on 03/27/2010 11:48:17 AM PDT by for-q-clinton
DESPITE THE RABID CLAIMS of Apple fan boys that its software is more secure than anything else on the market, Jobs' Mob products were the first to be trashed again at a Pwn2Own hacking competition.
In fact flaws in the Iphone OS and zero-day vulnerabilities in Apple's Safari 4 web browser made a mockery of Apple's advertising.
Flaws were also found in Mozilla Firefox and Internet Explorer 8 but apparently hackers had some trouble getting around exploitation mitigations in Windows 7, although eventually they did.
Vincenzo Iozzo and Raif Weinmann were the first to successfully hack a mobile device, exploiting a flaw in the Iphone Safari browser to run SMS messages to a remote web server.
Researcher Charlie Miller, principal security analyst at Independent Security Evaluators, quickly exploited a vulnerability in the desktop version of Safari running on Mac OS X. He won $10,000 for the exploit, which was one of 20 zero-day bugs that Apple fanbois deny exist in OS X.
Miller's exploit opened up a remote shell, which he accessed and was able to run any malicious code he wanted. We guess it just worked!
Miller has said in the past that he is unhappy with Jobs' Mob's secure software development processes. While he will be telling them that the flaw that won the competition for him, he will be sitting on the other 19. Perhaps it will act as an incentive for Apple to get off its lazy arse and develop a security policy with some meaning rather than screwing around with punters while at the same time insisting they are safe.
Miller said discovering the 20 zero-day vulnerabilities took him only three weeks using three computers, so who knows what he would have found if he had kept looking.
Microsoft's Internet Exploder 8 eventually got turned over and Peter Vreugdenhil managed to get past its insecurity mitigation technologies. The flaw can be exploited if a user browses to a malicious website.
Fireferret was also successfully exploited by bypassing ASLR and DEP.
UK-based MWR Infosecurity targeted a memory vulnerability. It started a calculator on a laptop running Windows 7.
The most secure web browser out there was Google's Chrome 4 running on Windows 7.
No one bothered to take down Google's Nexus One, a RIM Blackberry Bold 9700 or a Nokia E72 device running Nokia's Symbian OS.
I’ve never even been able to have the Mac users here on FR to even acknowledge there is a liberal cult aspect to Apple. They always deny this.
Nah, they're not hiding. It was the fact that you baited them too strongly in the beginning. Basically, you gave yourself away. Here's a FRiendly bit of fishing advice.
When you bait people, just like fishing, you have to start out more subtle. Keep your first half-dozen comments fairly neutral. Hold off on the name-calling and sarcasm until you've drawn them onto the thread.
Once they've commented, they're hooked, and you can start laying into them hard, and they have to respond! See the beauty of it?
Remember: you can't start reeling 'em in until you've got 'em hooked! That's the first rule of fishing.
> ...the windows is junk thread...
I've been wondering, how come there's no Windows Ping List? As a happy Win7 user (and System Administrator of a company developing Windows software), I consider this unfortunate. There's a Mac Ping List (Swordmaker's), and the Tech Ping List (ShadowAce's) which serves as a Linux list. I use those OSes too, and enjoy those lists. But I can't fathom why no one has started a Windows Ping list.
Do you think there ought to be a Windows Ping List? I'm almost thinking of starting one myself...
Sure that will work when you're fishing for onsies and twosies, but I like to fish with dynamite :-)
I'm sure they do...just like Obama denies he's a racist even though he attended a racist church.
And another thing that makes no sense is how supposed conservatives would want to support a company who run by liberals also have a rabid liberal following.
Oh, BS, Blue...
Sword, can we have you on record where you acknowledge a majority of the Apple users are flaming liberals? Go ahead, say it, it will make you feel better.
let's see YOU prove that assertion, Blue...
Take a stroll through a Apple store. Enough said.
You can tell a person's political beliefs by how they look? Wow!
The most opinionated people I have seen on FR are the anti-Mac crowd. They are always claiming that Mac users are snobs and gay to boot. The anti-Mac crowd seem to have a great deal of emotional involvement in the subject.
All I have ever seen a Mac user do is to tell others to get a Mac, you'll like it. That seems to send you guys into a frenzy of a sort, claiming you can make a much better and faster machine out of banana peels and scotch tape for $.32.
Grow up children! Its not that important what kind of computer people use.
By the way, it's an Apple store not a Apple store.
You must not spend much time in the ABM threads.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.