toggle

AAPL Stock: 102.1 ( + 2.34 )

Printed from http://www.macnn.com

Pwn2Own MacBook hacked in seconds

updated 10:40 pm EDT, Wed March 18, 2009

MacBook hacked in seconds

For the second year in a row, Charlie Miller has won the Pwn2Own contest by hacking into a MacBook in less time than competitors, according to ZDNet. For the recent event, he quickly compromised Apple's fully patched notebook by exploiting a security vulnerability in Safari. "It took a couple of seconds," he said. "They clicked on the link and I took control of the machine."

Miller said he had planned to hack into Safari, previously testing the exploit to make sure it "worked the first time" before arriving at the CanSecWest conference. The attack netted him a $10,000 purse, along with the hacked MacBook.

The speed of the hack was much quicker than his performance last year that took two minutes, while participants required nine hours the year before to break into a MacBook Pro.

Under the terms of the competition, TippingPoint's Zero Day Initiative received full rights to the vulnerability. Miller is restricted from providing further details until Apple has a chance to release a patch.




by MacNN Staff

POST TOOLS:

TAGS :

toggle

Comments

  1. Flying Meat

    Joined: Dec 1969

    +8

    Clearly

    it is possible.

    While it does require a user to click a particular link, it might be "somewhat" more difficult to get a specific target to click the link, it is not impossible.
    It might take minutes, hours or days, depending on your social engineering skills, but it is possible.
    Man in the middle might take less time, or perhaps some sort of temporary dns hijack?

    I don't know. Maybe it's harder than I think. Or is it?

  1. Mr. Strat

    Joined: Dec 1969

    -2

    BFD - More FUD

    OK, so it requires PEBCAK.

    Impress the world by taking control without someone being logged in...without admin rights...without anyone touching the computer.

    Can't do it.

  1. fubar_this

    Joined: Dec 1969

    -1

    Not FUD

    Why is this FUD just because it requires social engineering?Almost all malware on all platforms requires social engineering. Windows included. There hasn't been a self-spreading (read: no user interaction required) Windows virus since SQL Slammer in 2004. Macs are just as susceptible to malware attacks using social engineering, and social engineering is how 99.9% of malware spreads these days.


    Also, it doesn't require some sort of trickery either these days. A lot of times these days a known good site, such as your church's or your school's Web site, is infected. The hackers guess the usually poor Web site on your school's Web site, change the HTML so that it takes advantage of some flaw in Safari or Internet Explorer, and bam. Next time you want to look at little Timmy's lunch schedule, you're infected.


    The only reason Mac's aren't affected by this type of attack more often is because of market share. Changing one line of HTML nets 90% of the world being susceptible, so why bother with the other 10%?

  1. fubar_this

    Joined: Dec 1969

    -8

    Not FUD

    Why is this FUD just because it requires social engineering?Almost all malware on all platforms requires social engineering. Windows included. There hasn't been a self-spreading (read: no user interaction required) Windows virus since SQL Slammer in 2004. Macs are just as susceptible to malware attacks using social engineering, and social engineering is how 99.9% of malware spreads these days.


    Also, it doesn't require some sort of trickery either these days. A lot of times these days a known good site, such as your church's or your school's Web site, is infected. In 2006, the Web site for Dolphin Stadium (weeks before the superbowl) was hacked so that it took advantage of a flaw in Internet Explorer. Over 200,000 people were infected by just going to the Web site to check on parking for the Superbowl.

    The only reason Mac's aren't affected by this type of attack more often is because of market share. Changing one line of HTML on Dolphin Stadium's Web site got 200,000 people infected in a matter of hours. The attack was discovered pretty quickly,but in a short time a large number of Windows users were infected. Only a dozen or so Mac users could get infected in that short time because there's so few of them.

  1. ViktorCode

    Joined: Dec 1969

    0

    Control means what?

    I would love to know what's hidden under 'took control' notice. For example the hacker has the remote control over MacBook as via remote desktop, and what happens when hackers perform some action that requires entering admin password?

    This is where essential stuff is, if the hacker can't bypass password request then the amount of possible harm to the user will be limited.

  1. jpellino

    Joined: Dec 1969

    -2

    If he had

    any scruples he'd have told Apple this when he knew it instead of letting it go and using it to gain $10K and a MacBook.

  1. eldarkus

    Joined: Dec 1969

    +1

    in reality

    correct me if I'm wrong, but If someone wanted to pull this off in the real world, they would need 2 things

    1) Need to be on the same local network
    2) Need to monitor that machine 24/7 when the user clicks on the link.

    and what happens if the user clicks on the link, then closes the browser window? Does the vulnerability still stay open?

  1. eldarkus

    Joined: Dec 1969

    +5

    @jpellino

    Read the article, dude. his scruples are fully in tact.

    "TippingPoint’s Zero Day Initiative has acquired the exclusive rights to the vulnerability and coordinate the disclosure and patch release process with Apple.

    Technical details of the vulnerability will not be released until a patch is ready."

  1. testudo

    Joined: Dec 1969

    +2

    Re: in reality

    correct me if I'm wrong, but If someone wanted to pull this off in the real world, they would need 2 things

    1) Need to be on the same local network
    2) Need to monitor that machine 24/7 when the user clicks on the link.


    I don't know, since none of the details of the attack were released.

  1. UberFu

    Joined: Dec 1969

    0

    Not Hacking...

    Not Impressed!

    When these idiot "hackers" in this apparently new annual contest actually Hack Into OS X using a means other than a web exploit and stupid user interaction - then it would be worth a mention.

    This doesn't make Mac OS X vulnerable - it's either simply a bug in Webkit or a web code exploit.

    Set up a computer point it to the internet and have them actually attempt to gain access thru a system level exploit.

Login Here

Not a member of the MacNN forums? Register now for free.

toggle

Network Headlines

toggle

Most Popular

MacNN Sponsor

Recent Reviews

Plantronics Rig Surround 7.1 headset

Trying to capture the true soundscape of video games can be a daunting task. Looking to surround-sound home theater options, users hav ...

Kenu Airframe +

Simple, stylish and effective, the Kenu Aiframe + portable car mount is the latest addition to Kenu's lineup. Released earlier this y ...

Adesso Compagno X Bluetooth keyboard

The shift from typing on physical keyboards to digital versions on smartphones and tablets hasn't been an easy for many consumers. Fr ...

toggle

Most Commented