back to article Only Ubuntu left standing, as Flash vuln fells Vista in Pwn2Own hacking contest

A laptop running a fully patched version of Microsoft's Vista operating system was the second and final machine to fall in a hacking contest that pitted the security of Windows, OS X and Ubuntu Linux. With both a Windows and Mac machine felled, only the Linux box remained standing following the three-day competition. Shane …

COMMENTS

This topic is closed for new posts.

Page:

Coat

The only machine truly secure from remote exploits...

...is the one not connected to the Internet and locked in a vault.

Additionally, the user is as important a part of the machine's security as the OS is, if not more. All the security in the world won't protect a user from their own actions.

0
0
Flame

Wooohoooo

Goooo Ubuntuu ..

Now Mac Fanboys Can Fire Windows Ones

And Ubuntu Fanboys Can Fire 'em Both

0
0

Pity...

It's a pity they couldn't break the Linux box. Then we would have seen the real security metric: how quickly and effectively does each platform vendor supply a patch for the newly-revealed vulnerability.

My money would be on the Linux vendor to release first, by weeks.

0
0

The importance of source code

Weather it's flash or nvidia drivers; proprietary code is a security problem. It's all right when it works but I'd feel safer if all those who put these little black boxes in the linux platform would open source them or be replaced with things like gnash (when it's finished) and the nvidia nouvou driver.

Otherwise there will always be something you'll never be sure of security wise.

0
0
Silver badge
Thumb Up

... African word meaning "tougher than you"...

And the best part is that it was an out-of-the box unhardened desktop version of a sub-Debian for lazy people. I can hear the crow-eating comment coming.

No real surprise though. The really good laugh was the Fall of the Mighty Apple. The fanbois might stop saying stupid things like "Macs are the most secure things ever". Or "I'd be happy to let my mac outside a firewall without protection", for that matter. Seriously, even if most Linux boxes are more secure by design than macs, I never heard a single penguin-lover say that his/her machine doesn't need protection. (same stands for BSD). It was about time for apple-eaters to wake up.

0
0
Paris Hilton

equal effort?

Be nice to knowhow many hours were spent on creating each hack.

That would give some indication of a) the difficulty of finding the explot and b) any hacker bias for/against an OS as I doubt equal time was spent on the Linux hack as it's much more sexy to hit the big guys

Paris, cos it's Saturday night.... ;-)

0
0
Linux

Shouldn't laugh really :)

hmm I wonder if that exploit would get past firefox?

Or what about Ubuntu and Firefox?

Not sure I buy that guys throwaway line about Ubuntu being easy to crack... talk is cheap - *show me*

Oh and no I just cant resist it...

hahaha :)

0
0

Release time

Well, do not underestimate Microsoft and Apple. I'm fairly certain that if they REALLY want to, they could release a patch within a couple of days.

It's just that they never really want to, and why would they bother rushing to get things patched? It's not like Joe average can do anything about it if they decide to take their sweet time.

0
0
Coat

How about some servers next time?

Although this competition does have some interesting and useful points - and a largely unnoticed one is that "new and shiny" doesn't always equate to "safe and sound" (pricey new hardware and OS often are "protected" for a while by their scarcity on the ground) - it pretty much sews up what most IT professionals have known for years: a "home" platform, regardless of its merits, will fall to a determined hack when it is attacked. This is why major ISPs are removing as much damaging capability on their consumer networks as quickly as possible. Reduce the attack surface from the little farmers with their pitchforks and torches, and everyone can sleep tonight.

Hence the topic: what about a serious server pwn2own contest? Get three major server vendors - like IBM, HP, Sun, etc. - to provide a nice mid-class server platform configured for a "typical" firewall task. A web server, mail server, ecommerce server, etc. Three different OS and hardware platforms (Power/AIX, Intel/Windows, SPARC/Solaris), also patched and configured by the vendors to spec. Then let the games begin: whoever can get the target server to spew unauthorized scripting (should be a suitably innocuous script provided as the test piece by the event organizers) wins. Get the vendors to kick into the kitty for a prize (most competitors won't REALLY want a blade server and disk farm to take home, will they?) and see what come out of this.

I think this would be an important twist in that we'd see what the world would look like if it were reduced to a Utility Computing cloud, with end-users effectively defanged and all work housed inside the Fortress Data Center. I'm sure the result would show the World is not safer in the castle than it is in its huts today. But the lesson needs to go on record just the same.

Mine's the delivery order with 2 pizzas and a twelver of stout, wrapped in the thermal blanket...

0
0
Joke

So no OS bashing please

Good work Ubuntu, I'm proud. Shame that these exploits used against specific OS', could have been used against all. Kind of ruins the victory.

Anyway this exploit being flash based, who uses flash anyway, especially on 64bit systems and with silverlight such a hit. ;)

0
0
Anonymous Coward

Never mind these Fisher Price operating systems....

.. I'll stick with Solaris....

0
0
Bronze badge

Blame/Flame/Shame

Thing is, the vulnerability on the Mac, was Apple's fault (their browser), but the Vista exploit sounds like it was Adobe's fault. As Macaulay pointed out, with a little more work, the exploit would have worked across all three platforms.

Also noted in the article, was the fact that he spent the day switching back and forth between the 2 remaining systems. Perhaps he was more fluent with Windows than Linux ;~) (or couldn't bring himself to let the penguin down and big up Vista)

Still, I like a good laugh, flame on!

0
0
Thumb Up

A good sign

Its fairly good to see that M$ has managed to sort their lives out with security over the past few years. From going with XP and no service packs that is bot netted in minutes to vista taking 2 days and only then with a flaw in Flash. I still wouldnt have vista cos it still sucks.

Its also nice to see a demonstration of the mac getting owned so quickly.

Cudos to penguin boys for keeping their OS safe :)

0
0
Anonymous Coward

More's the Pity ...

Following on from Carlo's comment:

Although useful in raising security awareness in general and, more specifically, demonstrating that most systems can still be hacked even when fully patched, the contest doesn't show the aggregate risk of each OS/application suite. I'd wager that Mac OS X still presents lower exposure overall than Vista SP1, all things considered.

0
0
Silver badge
Linux

Debian laptop in DMZ

(fanboi)

Now I feel allowed to let my Debian laptop sit in the DMZ indefinitely, with no security at all (I disabled all my secure settings, as, you know, I don't need them: it's unhackable anyway)

(/fanboi)

If you wish to give it a try, my IP is 127.0.0.1

0
0
Linux

re: Pity...

Yep we could have been smug about getting the first patch for our machines that don't require terabytes of RAM or dim the lights as the monster graphics card powers-up...

/gloat

...but then we can be so much MORE smug that we probably don't need a patch in the first place - Umbongo rocks! :)

/ungloat

0
0
Jobs Horns

OS X WAS 1st ! OS X was 1st !! OS X WAS 1st !! Bwah ha ha ha ha ha ....

NOT Vista, NOT Linux .... BUT Security Swiss Cheese OS X; and WHAT'S THIS!!?? ... The new release of SaCrapy Safari is ALSO FULL OF SECURITY HOLES, like THAT was a big shock!!

Apple, YOU suck!

OS X, YOU suck!

Mac's SUCK!

AppleTard FUDs, you are stupid and the first three prove it.!

Linux WINS!!!

0
0
Silver badge
Jobs Horns

@ toxic monkey

"I doubt equal time was spent on the Linux hack as it's much more sexy to hit the big guys" yeah sure. Given the very low number of Linux-based middle-sized server with tons of juicey info on them, as compared to the humongous number of win-based servers (not to mention apple-based servers. Bwahahahaha), the results clearly reflect a tendency to hit the big guys first. Or not?

I know that we're talking about desktop versions here, but the OS is the same. If it was about "gig guys", the Linux one would have been pwned on the first day (only OS vulns allowed). "I doubt equal time was spent on the Linux hack as it's much more sexy to hit the big guys". May I laugh again? Plus, the Vista hacker reportedly spent 4 hrs going back and forth across the Vista and Ubuntu machines, the Vista one just proved to be easier to hack into.

No "it's Adobe fault" either. The penguin had flash installed too. Just a bit more safely.

Now, you all M$ fanbois are right: the fact that you're paranoid doesn't mean that they're not after you ;)

At least we must recognise one thing: most of you KNOW that your OS (and the way it allows third-party components to take control) is vulnerable, so MOST of you are careful. The problem is with the unwashed masses being sold an unsecure OS while being told they have nothing to fear ("beware, as the pre-installed software is a malware magnet" is nowhere near a good selling line). Botnets take advantage of that. But be patient: if S. Jobs minions fail to awaken in time, given the growing market share of the elves-powered shiney machines, Mac botnets might well replace Win-botnets in the infamous pantheon of major annoyances (rootkitted Linux servers already got their share, thank you.). When was the last time you met a Mac user understanding the need for low-privilege user accounts?

0
0
Linux

Are you reading this Reg hacks?

Ubuntu - a FREE OS - won. So less of the bloody freetard pejoratives thank you very much. Stick to what you're good at - proper investigative stuff like the excellent work you've done so far on exposing Phorm.

0
0
Coat

Known but not fixed

In fear of starting a whole security debate, if they are only allowed to find unknown exploits, from the 3 systems, what are the numbers for known but unpatched / fixed?

Where's the option for both gates and jobs devil icons?

Mines got 'and they even had the code' on the back

0
0

@ Pierre

"It was about time for apple-eaters to wake up"

We're not all complete idiots you know... *anyone* who thinks their computer is invulnerable to attack is an ass, no matter what OS they're using.

0
0
Boffin

Technically, how does this work?

If he succeeds to headcrab the flash renderer, how does he compromise anything from that point? If the renderer was not running as root or Admin, nothing seriously serious should happen. Or is the idea that he gets to have a non-administrative shell from where further attacks can be tested?

Inquiring minds want to know.

0
0
Anonymous Coward

Oh dear oh dear :)

Just another example to add to my anti-Mac pile of points of things like Mag-safe fire hazard power adapters, Easily scratched iPod nano screens, discolouring macbooks, iTunes apalling UI, Safari being the buggiest browser on the market etc.

I really don't know why people still think Apple is in any way good, it's hardware is feature lacking and low quality despite having a high price tag, it's software is buggy, annoying to use and extremely insecure.

To this day I just don't understand why Apple does so well when it's in fact so crap, it's not like Apple hardware isn't made in a cheap sweatshop in China either, it's low quality tat, plain and simple. Stories like this just prove it further and further day by day yet the zealots persist.

Oh how I laugh at them. Heh. Hehehehe. Hehe. Hahahahahaha. Ahahahah. BWAHAHAHHAHAHAHAHAHA MAC OS X GOT OWNED FIRST.

0
0
Anonymous Coward

@ Brett about servers

I fo one would be interested in bringing a beefy blade server and a couple tens of disks home. Unfortunately I fear I lack the hacking skills to win the prize. Anyway, this contest is already on, you know. Most people DO look at the "hacking history" of the systems before choosing the castle they'll put their data in (sod the beancounters, and the bosses comments about how his nephew's datacenter is good). People buying a laptop (or desktop, for that matter) for home use don't.

Everyone knows that when it comes to security, nothing beats the "silver tower" approach anyway. If you're going for decentralised, externalised datacenters, expect your data to be stolen one day or another (no matter the datacenter, no matter the data transfer protocol. If it's worth, it'll be hacked. And you're not likely to be told anything by the contractor untill it's far too late. If ever.). If you're going for the in-house solution, you'd better hire (and correctly pay) good BOFHs.

In all these "corporate-like" schemes, the danger is well known. Just make sure that your wizzards are good, pay attention to physical security, and you're relatively safe. Here we mostly talk about how easy it is to take control of a desktop machine, bought by Joe Bloggs at the nearest shop. Hacking these can seem pretty harmless for you. Joe Bloggs will be sorry, and that's all, right? Well, not quite. We're talking about how easy it is to recruit Joe Bloggs' computer into a botnet here. You might already know how these make mail filtering painfull, if you're coping with more than a small-to middle organization's mail system. Now imagine that these botnets are coming for you. All these compromised machines, plugged to the intertubes 24/7 for most of them, gazillions of operations per second, busy cracking your security measures. How long do you think your website can stand? A few hours maybe. If you're good. That's not a problem, as the PR droids can take care of that, but you'll still take some heat. Now imagine how long it would take to get into your local network, or to plant malicious code on your world-facing servers, or.... it might be a bit longer, depending on how secure you made these, but still, if it's plugged (and if it's worth the hassle), they'll manage, as long as the botnet has enough computing power. Now, don't you begin to care a bit more about Joe Blogg's machine? The less unsecure Joe Blogg's personnal gaming tool is, the more quietly IT people can sleep. Let's care about Joe Blogg's machine. A lot. Yay for the Pwn2Own contest (and for the old-style VX teams publishing proof-of-principle malware, too).

0
0
RW
Alert

I think I'm obsessed and I know I'm confused

I don't consider myself an MS basher, but lordy, lordy, they keep setting themselves up for...for...for...for "adverse comments". Yes, that's it, adverse comments. Definitely adverse comments!

Something caught my eye in this news article:

"new page protections added by Microsoft's security team [via SP1] prevented the exploit from properly executing."

"Macaulay and Sotirov fashioned some javascript to circumvent the new measure, a feat that effectively allows them 'to render that protection ineffective'"

So MS tinkers with page protection,which is presumably down in the depths of the kernel somewhere, and it's circumvented by JS, which is up in the user-app stratosphere. Does this strike anyone else as more than a little odd? That an interpreted, user-level script can suborn kernel functions in some way?

Or does MS have its own usual strange interpretation (and implementation) of page protection?

Help! I'm confused!

0
0
Linux

Ubuntu african word meaning

so heavily modified it's barely recognizable. I wouldn't try to hack it I don't get what they have done to it. It's much easier to hack something thats not from outer space.

0
0

Desire

I must have been a "desireable machine", since they spent 4 hours on it.

Apple software + security = quicktime

The lesson here is that the Mac was the most coveted machine (2 minutes), then the vista box. I guess nobody wanted the buntu machine.

P.S. When is the FCC chief going to look into the reason why women were not given "a fair opportunity to be winners" at the competition?

0
0
Anonymous Coward

So...

Looks like Vista's fall was because of Adobe's problem and the exploit would have worked on the bitten Apple and smiley penguin. So...

0
0
Anonymous Coward

@Ned Ludd

True, but the gloating from the Mac fanboys gets old. You never hear someone running Vista bragging about how they can leave their box outside the firewall and feel secure. MS users are humble, because they know their stuff is just as insecure as the next guy's. The Apple fanboys that can't stop bragging finally got what was coming to them: a real wake-up call. The rest of us who know better than to think any OS isn't vulnerable; well, today is a day of vindication.

0
0

User security

I'm just curious, did the Flash hack used on the Vista machine require any action by the user on the Vista machine?

Yes, the user is an important part of the security system, and often the weakest link in the chain, but there is a substantial difference between getting someone to click on a link that opens a port on their computer without them knowing it, and being able to hack in without any interaction with the user.

Of course, the Flash vulnerability may have worked equally well on all of the machines. It would be interesting to compare how long it would take to exploit the same vulnerability in each system from scratch.

0
0

Re: Technically, how does this work?

For a desktop system, most interesting processes are going to be running as a single user. If the attack allows them to run arbitrary code as the user, then they can delete all your files, copy all your files, install a keylogger, install an SMTP relay, etc.

If they do need administrative access, they can now use local root exploits as well as remote root exploits (your OS vendor does consider local root exploits important, right?).

0
0
Silver badge
Flame

@AC (oh dear oh dear)

I don't want to have anything to do with MacTards BUT I must recognise that Apple machines are shiney, generally well-designed (ergonomically-speaking. My PC keyboard sucks in comparison, I'm jealous of MacBook power adapter design -not to mention the adaptable "lenghtener". I know, length doesn't matter, but still). As for Safary being "the buggiest browser on the market", sounds like someone never used IE. And to be honest I wouldn't trust a browser which can also move my files around, or a file manager which can access the intarwub (Konqueror, anyone?). My laptop is a cheap "made in China" piece of crap (the pre-installed Vista isn't even able to cope with the keyboard correctly, and the wiring in the innards is so weird I spent ages mapping the ports correctly under Linux -ages being 1 or 2 hours, but still). I wouldn't describe Apple hardware as "low quality". because (let's be honest and dump the balanced point of view), if it was crap, the system wouldn't be able to run for more than 1 hr given how the software is working. Sure, MacBook's case gets awfully hot (company policy is that noisy things are bad, I guess. They prolly ditched the fan and crammed cooling elves in the box) but I wouldn't for sure challenge MY hardware with such loads as Apple hardware has to handle because of the "shiney" software. But I wouldn't run my full-fledged (read crippled) preinstalled Vista Premium on it either...

A real pain in the neck is the non-removable battery. Sure, Apple's batteries are good (my lame 6-cells battery wouldn't last more than 1 year if I kept it in the laptop), but the fact is that I mainly keep the battery OUT, working with the fsking POS plugged in the wall, whenever possible. This way my battery is always available when I really need it. And it will be, for ages, I bet. Almost 2 years already, and I still have 2 to 3 hrs of spare power when I need it (Same as when I bought it. Told you it is a lame battery).

Flame Apple for what they do wrong (Why do they tell everyone it's secure by default? Why can't I easily downgrade my privilege? Why, when I need to debug something, can't I, even if I've got enough privilege to compromise the machine anyway? Why the hell did they remove most usefull feats from the X11 server? Why the one-button mouse? Why is the touchpad config so lame? Why is there no easily-reached console mode anymore? Why is it so expensive? Why is it that when you're working on an Apple machine in an open space, random people feel free to disturb you with annoying small-talk on the ground that they own a mac themselves? ;-) ).

Me, with a Mac? Guess Satan will be skiing before. But still, you have to flame people for what they do wrong, not randomly. Wait, is your automatic flamethrower controller running on Vista, by any chance?

0
0
Silver badge
Unhappy

@ confused RW

That's the price of "user-friendlyness" combined with no proper privilege separation, I guess. I recently saw a malware-like app running on a (fully patched) Vista machine, which kept opening windows containing a 640x480 image as fast as the available memory and processor time allowed it to (roughly 20 windows per second when the system was idle), each one being a single instance of the originatin program (no "kill app" trick allowed). Stupid luser had installed a (seemingly legit) webcam-monitoring app designed for W2K (work-related, mind you. The controller for a microscope-compatible CMOS captor with an USB interface). Of course, as you can imagine, this crashed the system once ~300 frames were open (no matter how fast you can click -and he tried :-D- you cant close 20 windows per second). The system wasn't even able to shut down, as the spawning windows were eating all the CPU power and RAM. Now how come the system gave priority to such processes over the system-critical processes? How come that loging in the machine with another account (my own admin account) didn't help? All along the problem-fixing process, I had to close groups of windows before they reached the critical machine-crashing number... even if the "malicious" process was started under his (relatively low privileged) account. As Super Mighty Admin, I couldn't even remove the responsible *.exe file (that I identified quite fast, while still closing grouped windows every 5 seconds roughly). Because, as Vista told me, "you need authorization" to remove the file.

I'm the bloody admin, dammit!

Had to remove every user-installed app, one by one (while still right-clicking- group closing every 5 seconds or so, remember?) before reaching the guilty one (how could I guess, as it was the only work-related one?). Not bad as I removed a few things that had clearly nothing to do with work, but still. Spend a few painful hours on an issue that would have been fixed on a matter of seconds under Linux (or, more likely, an issue that would never have existed at all under Linux)

I'll be investigating the loophole in my spare time next week, as if it can be reproduced, I might get me a free laptop + 5000$ next year...

0
0
J
Linux

He...

The Flash exploit would have worked on any machine? Does not sound likely, but who knows.

Anyway, no Free Software was harmed in the making of this competition! Yay... Or better: yet...

So, were are the retards who say that having the source code open makes software less secure? Is Safari open? (I think it's not, although based on some open source library?). Flash definitely is not. Both got owned.

0
0
Linux

Flashblock anyone ?

Damn fool if your not running flashblock on FF anyway - cuts down on the crapverts and malware.

0
0
Happy

@Pierre re IP

Pierre,

I tried to hack your IP (127.0.0.1), was easy but it seems you have a copy of my hard drive on there. How did you get it????

0
0
Paris Hilton

What about classic systems..

You know I was wondering if anyone thought of other operating systems being secure and safe to use also.. Ones that I have used and loved have been safer and more secure than today's "modern" operating systems.

How about the Acorn, RiscOS, its a bloody nippy wee system.

BeOS, its still being worked upon, perhaps again its a nippy system.

But the one I love and cherish the most in my heart is Amiga OS, now that's one sexy beast. I do know with personal experience it works very well as a server and client and has yet to be affected by insecurities nor has it been pwned ;) oh and boots in seconds (that's the best part).

/shillings worth

0
0

Just some basic facts

IE on Vista by default runs under a low-privilege account. Basically all it can do is to access the web and write to a secluded cache on disk. It cannot read or write files anywhere else, not even from/to the logged on user who launched IE. This is called protected mode.

Now, sometimes users need to download and save files and/or upload files (photos etc). To this end Vista uses a "broker process" (called ieuser.exe in the task manager), This broker process implements a few functions such as file saving and reading. The broker process talks to the plugins, which can request its services, but they cannot control it. Even if a plugin is vulnerable to an exploit and the entire IE process is pwned, it is still limited in what it can do by this design.

Linux (Ubuntu) does not have anything akin to this. On the typical Linux Firefox executes under the logged-in users account. If FF gets pwned your userspace is owned and the process may delete/change/ftp your files away. I believe that the same is the case of OS/X.

The Vista model is clearly more secure than running the browser under your own account.

So how did this pwnage of Vista happen, you ask? Because Adobe in their wisdom decided that the standard broker process did not meet their needs. For some reason (documented in the flash "type library") the broker process can read/write/create/delete files and launch applications! (go figure). Such a broker process effectively circumvents *any* security precautions imposed by the protected mode. So, the *extra* security of IE does not help one iota when plugin developers are this stupid. When you do something like this you'd better A) absolutely limit the functionality implemented by the broker process and B) audit the living daylight out of that inherently risky code. I still cannot fathom why Flash should be able to launch applications.

But fact remains that the same APIs exists in Flash on *all platforms*. On Vista it does sits outside the plugin (to break out of the sandbox).

That is why the winner of the Vista machine was confident that he could have used it on Ubuntu or OS/X as well. It was a Flash vuln. Cross platform. He didn't gain admin rights; he just got to execute a process as the logged-on user. All the platforms are vulnerable to this.

But the same API is available.

BTW, the "broker process" on vista is called "Flash Helper" in the task manager. That's accurate, I suppose. It just leaves out that the ones it is helping are the blackhats.

0
0
Gates Halo

@Martin Owens

Make money how?

0
0

@J

"Is Safari open?"

It's based on Webkit, same as Konqueror, but Apple has glued a bucketful of proprietary code on to it. My guess would be that the problem lies with the closed-source bits.

*shrug* I'm using FF anyway, if only to have the same browser on all my systems. Good to hear it also makes my Mac a little safer.

And for those baiting the Apple users, go surfing with MS Internet Exploder and MS' standard "security" settings. But I suggest you make a full backup first.

0
0
Gates Halo

@ Pierre re: malware

Simple solution, reboot the computer, insert Vista install DVD, boot recovery and then fire up the console, open terminal window, CD to the directory where the malware is, delete.

The terminal on the install disc is not subject to UAC and is logged in as administrator by default. Spending hours trying to solve a problem then blaming the OS when the issue could be solved in seconds is kind of silly.

Heck, you could even boot up a Linux live CD, mount the NTFS drive with read/write and delete it that way, you just went around the problem with the wrong solution.

Back on topic. The Ubuntu system was always going to win this, but it is nice to see MS (please, M$? it wasn't funny 10 years ago, it isn't funny now) taking a better stance at security, if only the 3rd party vendors would actually do the same. If the vuln in Flash didn't exist, then we would have Vista and Ubuntu remaining standing, a feat which would have been unheard of with XP.

Give it another decade or so, and maybe Linux will be ready to compete with Windows on the desktop, or, the most likely result, Apple's OS will start to get a pretty decent market share, then the EU will step in and force them to remove TPM, so PC users will be able to wonder why such a poor excuse for an OS is actually "popular".

0
0
Heart

kernel changes

good to see no system fell on first day surely that means mac ,vista and ubongo will be free from any kernel exploits in 2008/2009 blissful elysium aahhh days lie ahead :)

0
0

This post has been deleted by a moderator

Thumb Down

Hacker went for value

All this shows is that hackers wanted to come home with the most valuable laptops:

First the mac book, then the vista, and the hell with the linux thingy ( even if it is the same hardware, the Vista one comes with.. Vista! )

Note that the flash exploit is not exactly a windows vulnerability ( nor is it directly a linux or a mac vulnerability ).

For the security-challenged guys who think only root access is a security threat, just consider that the latest vulns in firefox where enough for a hacker to steal your credit card information, send spam and drive ddos attacks from your computer..

0
0
Thumb Up

@Olivier "Hacker went for value"

There was a price of $20,000 on day one, $10,000 on day two and $5,000 on day three in *addition* to the laptop. That's And the prices for the remaining laptops were still offered, and contestants did make attempts at pwning the remaining laptops on both day 2 and 3. The contest continued after the Macbook AIR was pwned.

According to the hacker who took the Vista using a Flash vuln, he could have brought down any of the others using the same vuln; with a few hours tweaking.

0
0
Silver badge

@ David Webb

~1/2 h to reboot the computer from the luser's session (finally had to unplug it as even the logical shutdown button didn't respond). ~1/2 to login, see that my admin account is affected, identify the problem and find out I can't remove it then presumably ~1/2h to find the bloody DVD (either Vista or Knoppix), reboot the computer and remove the stuff -if I am allowed to, that is. How can that be made "in seconds"?

Under Linux, (even if the problem couldn't probably happen at all, but let's assume it did anyway) I would have shut the X server down, logged in as root in a console, found and fixed the problem. 1/4 hr at most, no need to even log the luser off. I could probably even have started an X session and fixed the problem from there if I had wanted to, whithout being bothered by the rogue prog.

And this was caused by a "legit" piece of crappy software that was only doing its job, just "a bit too well" because the luser probably just forgot to install it in "2000/XP compat" mode. Imagine what a really agressive malware based on the same loophole could do.

Anyway, the very fact that this happened in the first place is the real problem. Lame user separation, lame privilege separation, lame admin tools by default.

That's why whatever buggy plugin you install, the penguin will almost always be harder to totally pwn than the MS. The holes in Flash is Adobe's fault. The fact that the OS lets these be a gaping security problem is the OS's fault.

0
0
Thumb Up

@Just some basic facts

Ah, nice explanation there. Thanks.

0
0
Linux

so what?

OSX didn't get hacked. Neither linux nor Vista. So, depending on how smart were the hackers, they are all three reasonably safe.

Although I respect linux and the community that is working hard to give everybody a free, reliable and secure OS, the safari vulnerability will not make me switch to it. It would be useful that more people took a look at the Apple APIs, (core graphics, core image, core animation, core data, etc) and the Quartz compositor, the window manager; many of them would agree that they are 10 years ahead of anything else.

The penguin because Linux is really a pain in the arse for MS

0
0

And the fox leaped again, and missed again..

I smell the distinct scent of sour grapes in that guy's comment. "I could have broken Ubuntu, too." So how come it's still not broken after hours of trying, hmmm?

0
0
Happy

I am sorry......

but what idiot lets there computer outside of a firewall. you deserver all you get if you do that.

Morons.

Would you park your car in a crime hot spot with the keys in it?

Still going to by a Mac though :D

I do have one question about the event: On the windows box, on teh frist day, were you allowed to hack IE and media palyer? I really think you should, as MS considers them part of the OS (remember the lil fight with the EU over that), or has MS changed its mind???

Nice too see the Linux box still standing :D

0
0

Page:

This topic is closed for new posts.

Forums