Hack-off contestant dubs Apple Safari 'easy pickins'

Apple's Safari browser is likely to be compromised multiple times at an annual hacking contest being held later this month because it's "easy pickins as usual," a researcher specializing in Apple security says. Charlie Miller, the white-hat hacker who successfully felled a MacBook Air at last year's Pwn2Own competition, predicts …

COMMENTS

This topic is closed for new posts.
Thumb Up

Love these contests

I personally love these kinds of events. These are the kinds of people that can expose serious but potentially downplayed or even unknown (for what ever reason) vulnerabilities. The more we know about the flaws in the systems we all use on a daily basis the better off we are and that goes for what ever platform or applications you choose to use. I'm looking forward to the results.

0
0
Bronze badge

OP

Seconded, though I can't help a little giggle at the thought of the Mac being owned and not the PC ;-p

Can we have a humble pie/hat eating icon plz?

1
0
Silver badge

Kind of odd though

Don't get me wrong, I'm sure Apple software is vulnerable, it just seems odd that the unit of measure used by this article is the number of people that another person thinks are likely to use vulnerabilities at a hacking conference.

0
0

XP or Vista?

Whichever it is, if Safari doesn't take the dubious honour of being the first to fall, Windows most probably will.

0
0
Bronze badge
Jobs Halo

Wait and see.

I have heard bad things about Safari and I know that they have been busted before. Wait and see. I can't believe Microsoft can put out a secure product. The only thing they have done right is Excel.

I gave my sister a Mac because even with anti-virus software and automatic updates turned on there is so much crap on her PC that it is unusable.

0
0
Anonymous Coward

non-executable heap

Cunning. But does that mean you can't pass pointers to functions or do functional programming?

0
0

In 2007

"Within hours of Safari's debut in June of 2007, security researchers discovered multiple vulnerabilities that could allow attackers to remotely install malware on the machines of people who used the beta. "

Do you mean Safari's 3.0 debut? Safari has been out for many years now.

0
0
Flame

@Hud Dunlap

For starters, remove the anti-virus software. That's the biggest piece of crap that's making it unusable.... Uhh, you are talking about that Mac aren't you?

At least there's not a booby prize like last year: Fujitsu U810 loaded with Vista.

They hammered away at the Sony - that would be a double score, but opted for the $5000. Oh well, $5k would go to buying a nice laptop.

0
0

Browsers...

"One track will pit hackers against the major browsers, including Safari, Internet Explorer, and Firefox."

What? No Opera? I wish they'd include it.

0
0
Silver badge
Boffin

Effects of Protected Heap on Legitimate Applications

"cunning. but does that mean you can't pass pointers to functions or do functional programming?"

Sure you can pass pointers to functions, as long as the functions are not on the heap. The pointer is not executed, only the thing it points to.

For functional programming, or in general for any language implementation that generates and runs code on the fly, which includes things like Java JITs, the operating systems provide a system call that removes the no-execute protection from a region of memory. This does not really weaken the protection, since to execute the remove-protection call, the attacker must already be able to make some attack code to execute, so he would already have broken through.

0
0
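The two points made in this comment (a function pointer stored on a non-executable heap is only data, and a JIT uses a system call to make a region of memory executable) as an added example in C. It is not code from the post or from any project mentioned on the page. It assumes a POSIX system with mmap/mprotect; the names op_handler_t, jit_region, dispatch_via_heap_table and jit_demo are this example's own, and the few bytes of emitted machine code are x86-64 only.

```c
/* Added example, not from the forum post. Demonstrates:
 *  (1) a heap-resident table of function pointers: the pointers are data, the
 *      CPU executes the .text functions they point to, so an NX heap is no
 *      obstacle;
 *  (2) the W^X discipline a JIT follows: map a region read+write, emit code,
 *      then mprotect() it to read+execute (the "remove-protection call"),
 *      never holding it writable and executable at the same time.
 * Hypothetical names throughout; POSIX only. */
#define _DEFAULT_SOURCE
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>

/* ---- Point 1: dispatch table living on the (non-executable) heap ---- */
typedef int (*op_handler_t)(int, int);

static int op_add(int a, int b) { return a + b; }
static int op_sub(int a, int b) { return a - b; }
static int op_mul(int a, int b) { return a * b; }

/* The table is ordinary heap data; it only needs read/write permission. */
static op_handler_t *build_dispatch_table(void) {
    op_handler_t *table = calloc(3, sizeof *table);
    if (!table) return NULL;
    table[0] = op_add;   /* addresses of functions in the text segment */
    table[1] = op_sub;
    table[2] = op_mul;
    return table;
}

/* Read a pointer from the heap (a data access), then call into .text.
 * Behaves identically whether or not the heap is marked no-execute.
 * Returns -1 for an out-of-range opcode or allocation failure. */
int dispatch_via_heap_table(int opcode, int a, int b) {
    op_handler_t *table = build_dispatch_table();
    if (!table) return -1;
    if (opcode < 0 || opcode > 2) { free(table); return -1; }
    int r = table[opcode](a, b);
    free(table);
    return r;
}

/* ---- Point 2: W^X handling of a JIT code region ---- */
struct jit_region { unsigned char *mem; size_t len; };

/* Map one page read+write. Nothing in it can be executed at this point. */
static int jit_region_open(struct jit_region *jr) {
    long page = sysconf(_SC_PAGESIZE);
    if (page <= 0) return -1;
    jr->len = (size_t)page;
    jr->mem = mmap(NULL, jr->len, PROT_READ | PROT_WRITE,
                   MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    return jr->mem == MAP_FAILED ? -1 : 0;
}

/* The system call the comment refers to: flip the pages to read+execute.
 * Write permission is dropped in the same step, so the region is never
 * writable and executable at once. Returns 0 on success. */
static int jit_region_seal(struct jit_region *jr) {
    return mprotect(jr->mem, jr->len, PROT_READ | PROT_EXEC);
}

static void jit_region_close(struct jit_region *jr) {
    munmap(jr->mem, jr->len);
}

/* Emit the function "return 42" and run it. The machine code is x86-64 only;
 * on other architectures the RW->RX transition is still exercised but nothing
 * is executed and -1 is returned. Returns 42 on success, -1 otherwise. */
int jit_demo(void) {
    struct jit_region jr;
    if (jit_region_open(&jr) != 0) return -1;
    int result = -1;
#if defined(__x86_64__)
    /* mov eax, 42 ; ret */
    static const unsigned char code[] = { 0xB8, 0x2A, 0x00, 0x00, 0x00, 0xC3 };
    memcpy(jr.mem, code, sizeof code);          /* write while the page is RW */
    if (jit_region_seal(&jr) == 0) {             /* then RX; never RWX */
        int (*fn)(void) = (int (*)(void))jr.mem;
        result = fn();
    }
#else
    (void)jit_region_seal(&jr);
#endif
    jit_region_close(&jr);
    return result;
}

int main(void) {
    printf("dispatch mul(6,7) = %d\n", dispatch_via_heap_table(2, 6, 7));
    printf("jit_demo()        = %d\n", jit_demo());
    return 0;
}
```

The design point is the order of operations in jit_demo: the region is written while it is read/write and only becomes executable after the bytes are in place, which is the same W^X rule browsers' JavaScript engines follow for their code caches. If mprotect() with PROT_EXEC is refused by the platform's policy, jit_demo() reports -1 rather than falling back to a writable-and-executable mapping.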
Alert

@wayne tavitt - you tit

Er this quote

"but does that mean you can't pass pointers to functions or do functional programming?"

is the stupidest thing I have ever read! Honestly what was that supposed to mean?!?!? A word of advice, if you don't know about these things, then please don't comment on them. Reading that comment made me so angry that I punched my cat.

0
0
Anonymous Coward

RE: XP or Vista

"Whichever it is, if Safari doesn't take the dubious honour of being the first to fall, Windows most probably will."

Last year, Vista only fell because of a hole in Flash.

0
0
Anonymous Coward

(untitled)

Excel "done right"? As someone who enjoys tracing their family tree, I can assure you that the mess Excel makes of older dates doesn't allow it the label "right". I have to use an extended date add-in to correct the bug.

0
0
Flame

IE8

is a major browser? I thought it was still in beta. The major variants of IE would be 6 and 7 with possibly a few 5s left in the world.

Of course the current variants of IE have about as many holes as a gill net.

A query, if Safari is based on the Konqueror rendering engine, how come Konqueror does not seem to have all of these discovered weaknesses?

0
0

RE: XP or Vista

Errr… don’t you mean Safari vs IE? In which case you’d need to specify which Safari (3?) vs which IE (8?)… I believe IE7 was flawed from a security point of view, but IE8 is meant to fix most of these problems. I say “believe” and “meant” as little blue is gone from my machines, apart from world which seems to run IE6, but I did hear rumours that XP SP2 is coming soon here!!!

0
0

RE:(untitled)

Perhaps you should stop trying to force a spreadsheet to do a database's job?

0
0
Flame

Predictions=talking out of your ass?

He may be right, but it seems that predictions in general are usually about as accurate as Bill G's famous "640K ought to be enough for anyone" quote.

0
0
Anonymous Coward

True but..

"I gave my sister a Mac because even with anti-virus software and automatic updates turned on there is so much crap on her PC that it is unusable."

You do know that the crap would be stuff she installed herself and most likely clicked "OK" repeatedly on. Just as she will do on the Mac, right?

1
0

@myself

I, of course, meant "work" instead of "world" in that gibberish I just posted.

0
0
NB
Flame

@Predictions=talking out of your ass?

``He may be right, but it seems that predictions in general are usually about as accurate as Bill G's famous "640K ought to be enough for anyone" quote.''

Much as I hate Billy G (I'm a rabid Linux zealot), that quote is a fucking urban legend. He never actually said it. Do some research next time please.

http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9101838

0
0
Anonymous Coward

RE:RE:(untitled)

Perhaps the general public should not be expected to learn about databases when all they need is a simple spreadsheet function. It doesn't excuse the bug anyway.

0
0

Apple Safari Security Issue

A couple of hours ago I posted a short message on the Windows iTunes forum board with a link to an article similar to this one concerning the Safari security issue. Within thirty minutes or less I received the following e-mail message:

(Big Mouth Barker),

Apple removed your post on Apple Discussions, titled "Heads up everybody regarding Safari," because it contained the following:

* Off-topic or non-technical posts

We are including a copy of your post at the end of this email for your reference.

Our terms of use, which include helpful information about using Apple Discussions, are located here: http://discussions.apple.com/help.jspa we encourage you to continue using the Apple Discussions while abiding by our terms of use.

If you would like to send feedback to Apple about a product, please use the appropriate selection here: http://www.apple.com/feedback

As part of submitting feedback, please read the Unsolicited Idea Submission Policy linked to the feedback page.

Kind regards,

Apple Discussions staff

++++++++++

A copy of your message for reference:

http://www.theregister.co.uk/2009/03/03/safari_at_pwn2own/

Security Issues. Must read article.

Issue No 1: Talk about double standards from Apple. Keep the following in mind when considering this issue: When I installed the iTunes desktop player Safari was not present nor did I want to download the browser. I tried it once and I realized from the get-go that this browser was going to be trouble. So I immediately removed it from my system. In this case, the iTunes player is downloading the browser for setup through the automatic updater. I feel that the subject matter that I posted on the forum was very relevant since it was being downloaded by the desktop player. It appears by the links that were provided in the e-mail that Apple does not like to hear critics talking about their products. Also, in their lack of response to the security issues by Apple, it also seems like they do not care about anything but profit.

Issue No 2: The iTunes Desktop Player may also have security issues as well. In the past couple of days I found the following entry in my DNS Cache Table:

C:\WhosIP\whosip>whosip -r 151.159.218.216
WHOIS Source: RIPE NCC
IP Address: 151.159.218.216
Country: EU # Country is really world wide
Network Name: EU-ZZ-151
Owner Name: Various Registries
From IP: 151.0.0.0
To IP: 151.255.255.255
Allocated: Yes
Contact Name: Internet Assigned Numbers Authority
Address: see http://www.iana.org.
Email: bitbucket@ripe.net
Abuse Email:
Phone:
Fax:

WHOIS Record:
% This is the RIPE Whois query server #2.
% The objects are in RPSL format.
%
% Rights restricted by copyright.
% See http://www.ripe.net/db/copyright.html
% Information related to '151.0.0.0 - 151.255.255.255'

inetnum: 151.0.0.0 - 151.255.255.255
netname: EU-ZZ-151
descr: Various Registries
country: EU # Country is really world wide
remarks: These addresses were issued by
         The IANA before the formation of
         Regional Internet Registries.
         http://www.iana.org/assignments/ipv4-address-space
org: ORG-NCC1-RIPE
admin-c: IANA1-RIPE
tech-c: IANA1-RIPE
status: ALLOCATED UNSPECIFIED
mnt-by: RIPE-NCC-HM-MNT
mnt-lower: RIPE-NCC-HM-MNT
mnt-routes: RIPE-NCC-RPSL-MNT
changed: ripe-dbm@ripe.net 20030502
changed: hostmaster@ripe.net 20030621
changed: hostmaster@ripe.net 20050202
source: RIPE

organisation: ORG-NCC1-RIPE
org-name: RIPE NCC
org-type: RIR
address: RIPE Network Coordination Centre
address: P.O. Box 10096
address: 1001 EB Amsterdam
address: The Netherlands
phone: +31 20 535 4444
fax-no: +31 20 535 4445
e-mail: hostmaster@ripe.net
admin-c: CREW-RIPE
tech-c: CREW-RIPE
ref-nfy: hm-dbm-msgs@ripe.net
mnt-ref: RIPE-NCC-RIS-MNT
mnt-ref: RIPE-NCC-HM-MNT
notify: hm-dbm-msgs@ripe.net
mnt-by: RIPE-NCC-HM-MNT
changed: hostmaster@ripe.net 20040417
changed: hostmaster@ripe.net 20070319
source: RIPE

role: Internet Assigned Numbers Authority
address: see http://www.iana.org.
e-mail: bitbucket@ripe.net
admin-c: IANA1-RIPE
tech-c: IANA1-RIPE
nic-hdl: IANA1-RIPE
remarks: For more information on IANA services
remarks: go to IANA web site at http://www.iana.org.
mnt-by: RIPE-NCC-MNT
changed: bitbucket@ripe.net 20010411
source: RIPE

I take security very seriously by keeping a close eye on my Hosts file as well as the DNS table. The only program running at the time of this discovery was iTunes and I had not surfed the web when I discovered the entry. The following message was with the IP entry: "Scan iTunes". In my view I believe it is time to form a coalition to approach iTunes and flat out tell them that they should pull these products with security issues if they are not going to do anything about it.

Big Mouth Barker

0
0
Bronze badge

RE:(untitled)

"Perhaps you should stop trying to force a spreadsheet to do a databases job?"

Especially since there are several freeware genealogy programs available which use the standard GED format for their files. Not to mention the plethora of on-line sites which offer the same service.

(wife recently decided to dive into genealogy. I learnt more than I wanted)

0
0
Bronze badge
Flame

@Paul - RE:RE:(untitled) (Redux)

And since when is a family tree a job that requires a database? This would seem an ideal application for a spreadsheet. Or are you one of these idiots who think that the recent mania for applications to store data and settings as XML in MySQL or SQLite databases is actually a good idea?

0
0
Bronze badge

Addendum to my previous ranty comment.

I've just reread my last comment and it sounds rather pillocky. By "applications" I actually meant random desktop applications. Believe it or not, I fully endorse business applications responsibly storing data in a properly set up database.

0
0
Gold badge
Coat

@seatrotter

Because, while they don't mind a few low-hanging fruit, allowing windfalls to participate would make things a tad too easy.

Viz: Opera security related articles here recently.

Jeeves? Lay out my flameproof vest, I'm expecting some Opera fanbois for tea.

0
0
Linux

Apple crumble

Seems odd the iPhone has a non-executable heap where Safari can't, or am I missing something?

0
0