Hack-off contestant dubs Apple Safari 'easy pickins'

Apple's Safari browser is likely to be compromised multiple times at an annual hacking contest being held later this month because it's "easy pickins as usual," a researcher specializing in Apple security says. Charlie Miller, the white-hat hacker who successfully felled a MacBook Air at last year's Pwn2Own competition, …

COMMENTS

This topic is closed for new posts.
  1. Anonymous Coward

    Love these contests

    I personally love these kinds of events. These are the kinds of people that can expose serious but potentially downplayed or even unknown (for what ever reason) vulnerabilities. The more we know about the flaws in the systems we all use on a daily basis the better off we are and that goes for what ever platform or applications you choose to use. I'm looking forward to the results.

  2. b166er

    OP

    Seconded, though I can't help a little giggle at the thought of the Mac being owned and not the PC ;-p

    Can we have a humble pie/hat eating icon plz?

  3. Thomas

    Kind of odd though

    Don't get me wrong, I'm sure Apple software is vulnerable, it just seems odd that the unit of measure used by this article is the number of people that another person thinks are likely to use vulnerabilities at a hacking conference.

  4. Remy Redert

    XP or Vista?

    Whichever it is, if Safari doesn't take the dubious honour of being the first to fall, Windows most probably will.

  5. Hud Dunlap

    Wait and see.

    I have heard bad things about Safari and I know that they have been busted before. Wait and see. I can't believe Microsoft can put out a secure product. The only thing they have done right is Excel.

    I gave my sister a Mac because even with anti-virus software and automatic updates turned on there is so much crap on her PC that it is unusable.

  6. Anonymous Coward

    non-executable heap

    Cunning. But does that mean you can't pass pointers to functions or do functional programming?

  7. Ryan Hass

    In 2007

    "Within hours of Safari's debut in June of 2007, security researchers discovered multiple vulnerabilities that could allow attackers to remotely install malware on the machines of people who used the beta. "

    Do you mean Safari's 3.0 debut? Safari has been out for many years now.

  8. Player_16

    @Hud Dunlap

    For starters, remove the anti-virus software. That's the biggest piece of crap that's making it unusable.... Uhh, you are talking about that Mac aren't you?

    At least there's not a booby prize like last year: Fujitsu U810 loaded with Vista.

    They hammered away at the Sony - that would be a double score, but opted for the $5000. Oh well, $5k would go to buying a nice laptop.

  9. seatrotter

    Browsers...

    "One track will pit hackers against the major browsers, including Safari, Internet Explorer, and Firefox."

    What? No Opera? I wish they include it.

  10. MacroRodent

    Effects of Protected Heap on Legitimate Applications

    "cunning. but does that mean you can't pass pointers to functions or do functional programming?"

    Sure you can pass pointers to functions, as long as the functions are not on the heap. The pointer is not executed, only the thing it points to.

    For functional programming, or in general for any language implementation that generates and runs code on the fly, which includes things like Java JITs, the operating systems provide a system call that removes the no-execute protection from a region of memory. This does not really weaken the protection, since to execute the remove-protection call, the attacker must already be able to make some attack code to execute, so he would already have broken through.
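The two points in the comment above, in working C (an added example, not code from any commenter or from Apple): a heap-allocated table of function pointers works unchanged under a non-executable heap because the pointers are data and the call lands in the text segment, and a JIT-style page goes writable first and is only flipped to executable with mprotect() afterwards. The bytes written to the page are a constructed placeholder and are never executed; only the protection change is exercised.

```c
#define _DEFAULT_SOURCE
#include <stddef.h>
#include <stdlib.h>
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>

/* Ordinary functions live in the executable's text segment (readable and
 * executable), never on the heap. */
static int add1(int x) { return x + 1; }
static int dbl(int x)  { return x * 2; }

typedef int (*op_fn)(int);

/* A heap-allocated table of function pointers.  The table is plain data:
 * a non-executable heap forbids executing its bytes, not storing or
 * dereferencing addresses in it, so this works as-is under NX. */
int heap_dispatch_demo(int start) {
    op_fn *table = malloc(2 * sizeof *table);
    if (!table) return -1;
    table[0] = add1;
    table[1] = dbl;
    int v = start;
    for (size_t i = 0; i < 2; i++)
        v = table[i](v);          /* the call jumps into .text, not the heap */
    free(table);
    return v;                     /* (3 + 1) * 2 == 8 for start == 3 */
}

/* The W^X sequence a JIT performs: map a page writable but not executable,
 * emit code into it, then ask the kernel to make it executable and drop
 * write access.  The stub bytes are a constructed placeholder and are
 * never executed here.  Returns 0 on success, -1 on any failure. */
int wx_toggle_demo(void) {
    long page = sysconf(_SC_PAGESIZE);
    if (page <= 0) return -1;
    unsigned char *buf = mmap(NULL, (size_t)page, PROT_READ | PROT_WRITE,
                              MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (buf == MAP_FAILED) return -1;
    const unsigned char stub[4] = {0xAA, 0xBB, 0xCC, 0xDD};   /* constructed */
    memcpy(buf, stub, sizeof stub);                          /* "emit" phase */
    /* This is the remove-no-execute call the comment refers to; it also
     * removes write, so the page is never writable and executable at once. */
    int rc = mprotect(buf, (size_t)page, PROT_READ | PROT_EXEC);
    if (rc == 0 && memcmp(buf, stub, sizeof stub) != 0) rc = -1; /* still readable */
    munmap(buf, (size_t)page);
    return rc;
}
```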

  11. Anonymous Coward

    @wayne tavitt - you tit

    Er this quote

    "but does that mean you can't pass pointers to functions or do functional programming?"

    is the stupidest thing I have ever read! Honestly what was that supposed to mean?!?!? A word of advice, if you don't know about these things, then please don't comment on them. Reading that comment made me so angry that I punched my cat.

  12. Anonymous Coward

    RE: XP or Vista

    "Whichever it is, if Safari doesn't take the dubious honour of being the first to fall, Windows most probably will."

    Last year, Vista only fell because of a hole in Flash.

  13. Anonymous Coward

    (untitled)

    Excel "done right"? As someone who enjoys tracing their family tree, I can assure you that the mess Excel makes of older dates doesn't allow it the label "right". I have to use an extended date add-in to correct the bug.

  14. R Callan

    IE8

    is a major browser? I thought it was still in beta. The major variants of IE would be 6 and 7 with possibly a few 5s left in the world.

    Of course the current variants of IE have about as many holes as a gill net.

    A query, if Safari is based on the Konqueror rendering engine, how come Konqueror does not seem to have all of these discovered weaknesses?

  15. Big Bear

    RE: XP or Vista

    Errr… don’t you mean Safari vs IE? In which case you’d need to specify which Safari (3?) vs which IE (8?)… I believe IE7 was flawed from a security point of view, but IE8 is meant to fix most of these problems. I say “believe” and “meant” as little blue is gone from my machines, apart from world which seems to run IE6, but I did hear rumours that XP SP2 is coming soon here!!!

  16. Paul

    RE:(untitled)

    Perhaps you should stop trying to force a spreadsheet to do a database's job?

  17. Anonymous Coward

    Predictions=talking out of your ass?

    He may be right, but it seems that predictions in general are usually about as accurate as Bill G's famous "640K ought to be enough for anyone" quote.

  18. Anonymous Coward

    True but..

    "I gave my sister a Mac because even with anti-virus software and automatic updates turned on there is so much crap on her PC that it is unusable."

    You do know that the crap would be stuff she installed herself and most likely clicked "ok" repeatedly on. Just as she will do on the Mac, right?

  19. Big Bear

    @myself

    I, of course, meant "work" instead of "world" in that gibberish I just posted.

  20. NB

    @Predictions=talking out of your ass?

    ``He may be right, but it seems that predictions in general are usually about as accurate as Bill G's famous "640K ought to be enough for anyone" quote.''

    Much as I hate Billy G (I'm a rabid Linux zealot), that quote is a fucking urban legend. He never actually said it. Do some research next time please.

    http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9101838

  21. Anonymous Coward

    RE:RE:(untitled)

    Perhaps the general public should not be expected to learn about databases when all they need is a simple spreadsheet function. It doesn't excuse the bug anyway.

  22. Big Mouth Barker

    Apple Safari Security Issue

    A couple of hours ago I posted a short message on the Windows iTunes forum board with a link to an article similar to this one concerning the Safari security issue. Within thirty minutes or less I received the following e-mail message:

    (Big Mouth Barker),

    Apple removed your post on Apple Discussions, titled "Heads up everybody regarding Safari," because it contained the following:

    * Off-topic or non-technical posts

    We are including a copy of your post at the end of this email for your reference.

    Our terms of use, which include helpful information about using Apple Discussions, are located here: http://discussions.apple.com/help.jspa we encourage you to continue using the Apple Discussions while abiding by our terms of use.

    If you would like to send feedback to Apple about a product, please use the appropriate selection here: http://www.apple.com/feedback

    As part of submitting feedback, please read the Unsolicited Idea Submission Policy linked to the feedback page.

    Kind regards,

    Apple Discussions staff

    ++++++++++

    A copy of your message for reference:

    http://www.theregister.co.uk/2009/03/03/safari_at_pwn2own/

    Security Issues. Must read article.

    Issue No 1: Talk about double standards from Apple. Keep the following in mind when considering this issue: When I installed the iTunes desktop player Safari was not present nor did I want to download the browser. I tried it once and I realized from the get-go that this browser was going to be trouble. So I immediately removed it from my system. In this case, the iTunes player is downloading the browser for setup through the automatic updater. I feel that the subject matter that I posted on the forum was very relevant since it was being downloaded by the desktop player. It appears from the links that were provided in the e-mail that Apple does not like to hear critics talking about their products. Also, in their lack of response to the security issues by Apple, it also seems like they do not care about anything but profit.

    Issue No 2: The iTunes Desktop Player may also have security issues as well. In the past couple of days I found the following entry in my DNS Cache Table:

    C:\WhosIP\whosip>whosip -r 151.159.218.216


    I take security very seriously by keeping a close eye on my Hosts file as well as the DNS table. The only program running at the time of this discovery was iTunes and I had not surfed the web when I discovered the entry. The following message was with the IP entry: “Scan iTunes”. In my view I believe it is time to form a coalition to approach iTunes and flat out tell them that they should pull these products with security issues if they are not going to do anything about it.

    Big Mouth Barker

  23. Neoc

    RE:(untitled)

    "Perhaps you should stop trying to force a spreadsheet to do a databases job?"

    Especially since there are several pieces of freeware genealogy software available which use the standard GED format for their files. Not to mention the plethora of on-line sites which offer the same service.

    (wife recently decided to dive into genealogy. I learnt more than I wanted)

  24. Not That Andrew

    @Paul - RE:RE:(untitled) (Redux)

    And since when is a family tree a job that requires a database? This would seem an ideal application for a spreadsheet. Or are you one of these idiots who think that the recent mania for applications to store data and settings as XML in MySQL or SQLite databases is actually a good idea?

  25. Not That Andrew

    Addendum to my previous ranty comment.

    I've just reread my last comment and it sounds rather pillocky. By "applications" I actually meant random desktop applications. Believe it or not, I fully endorse business applications responsibly storing data in a properly set up database.

  26. TeeCee

    @seatrotter

    Because, while they don't mind a few low-hanging fruit, allowing windfalls to participate would make things a tad too easy.

    Viz: Opera security related articles here recently.

    Jeeves? Lay out my flameproof vest, I'm expecting some Opera fanbois for tea.

  27. robbie

    Apple crumble

    Seems odd the iPhone has a non-executable heap where Safari can't, or am I missing something?
