Researcher Cracks Mac in 10 Seconds
Gregg Keizer, Computerworld
Mar 19, 2009 8:41 am

Charlie Miller, the security researcher who hacked a Mac in two minutes last year at CanSecWest's PWN2OWN contest, improved his time Wednesday by breaking into another Mac in under 10 seconds.

Miller, a principal analyst at Independent Security Evaluators LLC, walked off with a $5,000 cash prize and the MacBook he hacked.

"I can't talk about the details of the vulnerability, but it was a Mac, fully patched, with Safari, fully patched," said Miller Wednesday not long after he had won the prize. "It probably took 5 or 10 seconds." He confirmed that he had researched and written the exploit before he arrived at the challenge.

The PWN2OWN rules stated that the researcher could provide a URL that hosted his or her exploit, replicating the common hacker tactic of enticing users to malicious sites where they are infected with malware. "I gave them the link, they clicked on it, and that was it," said Miller. "I did a few things to show that I had full control of the Mac."

Two weeks ago, Miller predicted that Safari running on the Mac would be the first to fall.

PWN2OWN's sponsor, 3Com Inc.'s TippingPoint unit, paid Miller the $5,000 for the rights to the vulnerability he exploited and the exploit code he used. As it has at past challenges, it reported the vulnerability to on-site Apple representatives. "Apple has it, and they're working on it," added Miller.

According to Terri Forslof, the manager of security response at TippingPoint, another researcher later broke into a Sony laptop that was running Windows 7 by exploiting a vulnerability in Internet Explorer 8. "Safari and IE both went down," she said in an e-mail.

TippingPoint's Twitter feed added a bit more detail to Forslof's quick message: "nils just won the sony viao with a brilliant IE8 bug!"

Forslof was not immediately available to answer questions about the IE8 exploit.

TippingPoint will continue the PWN2OWN contest through Friday, and will pay $5,000 for each additional bug successfully exploited in Apple Inc.'s Safari, Microsoft Corp.'s Internet Explorer 8, Mozilla Corp.'s Firefox or Google Inc.'s Chrome. During the contest, IE8, Firefox and Chrome will be available on the Sony, while Safari and Firefox will be running on the MacBook. The researcher who exploited IE8 will, like Miller, be awarded not only the cash, but also the laptop.

"It was great," said Miller when asked how it felt to successfully defend his title. "But I was really nervous for some reason this time. Maybe it was because there were more people around. Lucky [the exploit] was idiot-proof, because if I had had to think about it, I don't know if I'd had anything."

This year's PWN2OWN also features a mobile operating system contest that will award a $10,000 cash prize for every vulnerability successfully exploited in five smartphone operating systems: Windows Mobile, Google's Android, Symbian, and the operating systems used by the iPhone and BlackBerry.

Miller said he won't enter the mobile contest. "I can't break them," said Miller, who was one of the first researchers to demonstrate an attack on the iPhone in 2007, and last year was the first to reveal a flaw in Android. "I don't have anything for the iPhone, and I don't know enough about Google."

CanSecWest, which opened Monday, runs through Friday in Vancouver, British Columbia.

Mac failed?

Let the denial begin......

lol.... take that apple users

"This just in....Millions of Apple worshippers commit ritualistic suicide...Now back to Terry at the weather board"

Are Macs actually known for being secure?  I thought they were just known for being "different", having less software available, being more expensive and being arguably better at some graphics.

Anonymity has a measure of protection, but as the Mac legend continues to grow, the commercial criminal hackers will start targeting it, and it will have just as many exploits as windows.

meh, only liberals use macs anyway.

Wow, the Mac hate is strong in this thread. Personally, I could care less. Computer's just a tool. This is being posted from an iMac, but there's a PC and a home built job running Linux in the house here too.

All systems have weaknesses.

Forgot to mention that there's a blackberry on the desk next to me. I'm multicultural

According to Terri Forslof, the manager of security response at TippingPoint, another researcher later broke into a Sony laptop that was running Windows 7 by exploiting a vulnerability in Internet Explorer 8. "Safari and IE both went down," she said in an e-mail.



Last time I checked Sonys run on Windows...

Everything can be hacked, and If you read the story everything WAS hacked at the contest.

Was never saying that it was the only to fail. Just that Mac is not the 'super protected' thing that some whore it out as. It is safer in some ways b/c less people use it for business/financial work so there is less spyware made for it. Stop reading into posts too much.

Chrome wasn't last time I checked, it's also a pretty new product though.

kool aid and applesauce flying off the shelves as we speak

its probably an exploit in Safari

If everything went down I don't understand why mac is getting hammered.

Because some Mac users claim that it is awesomely safe/protected

Mac,s are the Ferrari of computers. the rest of you may drive your
Pinto,s and Vega,s  If you can't afford Mac you are just wack L.O.L.

I would ask for more then the $5k prize, or else....

Hacking a mac is like hacking an etch-a-sketch. Who gives a shit, it's not like anyone important uses them.

Macs, by default, are more secure than windows PCs.  They're built on a more secure kernel, run an OS that has been hardened by 15 years of open source development, and are configured "out of the box" to protect the users from themselves.  Microsoft didn't really think about security until about XP service pack 2 –– the NT kernel by itself was a work of art, but everything built around it was a house of cards built on a beach.

That certainly doesn't mean a Mac can't be cracked –– it just means that you have to trick someone to do it effectively.  That's what happened here –– they demonstrated that if you can social engineer someone with access to screw up, you can take control of their machine.  No matter what OS they run.

I haven't laughed that hard in a while.

OUCH!

Obviously all Mac users are so well schooled that spelling and grammar checkers are not needed.



 

Mac's are only safe because no one gives a shit about mac users.

I still think of this when I hear people talk about Mac's:

is there a school that offers courses in hacking 101? i don't have the slightest idea how to even do it?

Trial and error.

Don't care,I still won't ever have another windows machine. Windows is still a steamin pile of shit.

I'll keep my mac book.  At least I would have to do something stupid to make it crash, like open an attachment from someone I don't know or visit a website I don't recognize.

My windows machine self-destructs and gives me the blue screen of death all on its own.  Windows is the worst virus out there.

I have actually attempted to make both xp and vista blue screen and couldn't do it.

haha


macs suck ass

If you don't try to make it crash, and you just go about your daily usage it will crash, right when you are doing something incredibly time consuming and important.

I haven't had a problem with Vista yet, OH YEAH I HAVE NEVER USED VISTA. I will let the rest of you beta test Microshaft software for them.

I must have a gift...

It is a Dell Inspiron laptop and the stinkin' thing is the most unstable piece of trash I've ever had.  Slower than molasses in winter and it locks up at least once every time I turn it on.  Unfortunately for me, I had bought Photoshop CS3 for windows a few months before I decided to switch to a mac.  That is the only reason I still keep it around.

Watch War Games, Hackers and Swordfish.

Never had a single crash using any Microsoft product, I did however make a crapintosh lock up simply by typing a paper on it.

Hey, my Mac crashed on me just yesterday.  It was the first time in over a year of moderately intense use (I run all of my work functions on a VM running XP), and it's run fine since.

Relating to the vulnerability in the OP, I do not use Safari.  Never did.  The first thing I did on my Mac was go to getfirefox.com.


Face it, Macs are getting more popular, thus the popularity of trying to crack them will go up.  I suspect more cracks and viruses will arise in the future.   This phenomenon doesn't make Macs any less great.

I always say that the reason macs don't get viruses is because no one bothers to write them for the OS because they are such a small percentage of the market, not because macs have any kind of better security than a PC.

Not that it would really matter anyway, the average computer user doesn't know jack about security regardless of their OS choice. A few hours online is enough for these people to get some kind of electronic super AIDS on their computers.

My advice for these people is just to delete the system 32 folder and save themselves some time.



Note, do not actually delete the system 32 folder. Seriously.

+1

Macs are much more difficult for your average user to fuck up than a Windows box.  I only hope Win7 helps in that regard.

The open source community contributes a lot that OS X is built on, so it's core, the kernel, is very similar to many open source kernels out there.  That means it's available for crackers to try to find exploits, and thus is easier to secure.

Web browsers and all the crap that runs in them are way too complex to be secure.

Been hearing about macs will have viruses and spyware for more than 12 years.

Awesome thread guys.


And to the nay sayers, the only reason your mac is soooo secured. Is because no one bothers to write code for it. It has been said, mac are as secure as windows. Actually windows updates more frequent than mac, so theres actually a bit of better protection with windows. Enjoy your failatosh.

Yep, I've been saying this for awhile. Increased marketshare = increased attractiveness to hackers. Plus it was only a matter of time before those gay, "I'm a mac" commercials pissed a hacker off.

No, they are the prius of the computer world.