MacBook hacked in seconds, again - via Safari exploit

Many people may remember Charlie Miller from last year's event where he successfully hacked a MacBook and was able to take control over it within seconds, walking away with the MacBook and the grand prize.

Charlie Miller once again successfully hacked the fully patched MacBook by exploiting a security vulnerability in Safari, Apple's web browser. The hack was accomplished by the team clicking on a link that took control of the machine within seconds. Charlie Miller walked away with the MacBook and the $10,000 top prize after successfully hacking the MacBook the fastest.

TippintPoint Zero Day Initiative has acquired exclusive rights to the vulnerability, and will work with Apple to patch the flaw. Details about the attack will not be disclosed until the patch is ready.

Charlie Miller wasn't the only successful hacker, but a security researcher nicknamed "Nils" was able to hack into a Sony Vaio laptop running an updated Windows 7 and Internet Explorer 8. "Nils" walked away with the cash prize and got to keep the hardware after successfully hacking it. "Nils" was also successfully able to hack into Apple's Safari browser being the second hacker of the day to exploit it.

Report a problem with article
Previous Story

USB tethering working in iPhone 3.0

Next Story

Microsoft announces availability of Internet Explorer 8

94 Comments

View more comments

LaP said,
+10

I agree with you but i like the current title as it attracts anti-apple people making this thread insanely fun to read. It's pure comedy to read anti-apple people ridicule themselves.


+1 dude, its mainly why I visit these stories. Everyone gets in such a tizz all the time, but when you look at the long run, no news story has created a "staggering shift" in the "technology balance" lol. Its all relative.

shakey_snake said,
The Safari-Mac was hacked first.

The ZDnet blog posted about it before the other exploits were done. Hence the emphasis.

Maybe this new article should be updated like the ZDnet article was? More objective, no?

ccuk said,
Maybe this new article should be updated like the ZDnet article was? More objective, no?

Maybe it could. Have you submitted an update to the newsdesk?


Actually any update should probably include this interview in which Charlie Miller talks about how easy it is to crack OSX.

ishtar said,
Ha Ha thats the old intel x86 crap it's no wonder it can be easily hacked Ha Ha should have stayed with unix.....Loser


uh what? Mac OS is BSD... and what does x86 have to do with it?

ishtar said,
Ha Ha thats the old intel x86 crap it's no wonder it can be easily hacked Ha Ha should have stayed with unix.....Loser

wtf? you make no sense, x86 is a CPU architecture and unix is an OS

ishtar said,
Ha Ha thats the old intel x86 crap it's no wonder it can be easily hacked Ha Ha should have stayed with unix.....Loser

As if the CPU architecture has anything to do with a system's vulnerability...
And what's with the switching from Unix to x86? One is an operating system, the other is a CPU architecture type.
Please refrain from posting if you don't have the slightest clue of what you're talking about.

I'm not a hacker but I'm computer-literate and intellectually curious - is there anywhere that contains a good description of how these hacks work?
I remain mystified that although OS designers have long been well aware of the dangers of hacking, nonetheless new patches arrive month after month in order to address newly-discovered security vulnerabilities. How is it that these continue to exist and are still being discovered? Is there some common feature to them all? I can understand how a newly-written OS may have some vestigial problems, but surely they must ultimately be found and patched?
Apparently not - but is there some accessible but technically accurate explanation of what underlies the problem that the interested but non-specialist reader could review?

TippintPoint's Zero Day Initiative has acquired exclusive rights to the vulnerability

WTF is up with that? IS this the new thing, acquiring exclusive rights to stuff like this? What are they going to do, hold it over a companies head for ransom or something?

No. They're keeping it private between themselves and the company who's product was hacked into until patches can be developed.

Funny how they also seem to miss this bit off the news posting

"Nils" also scored a clean hit against Apple's Safari (he was the second hacker to exploit Safari) and, later in the afternoon, he exploited a Firefox zero-day flaw to claim the trifecta.

Did you see the guys up a few posts? Windows obviously does, since people are claiming that Windows is far more secure than OS X. I agree that OS X might not be the most secure, but Windows has a similar fanboy culture.

Apple has the least secure OS, no Microsoft has the least secure OS... no wait... who cares? At the end of the day, the biggest threat to any computer's security is the end-user.

i guess it's a bit stupid to see this kind of comments. No OS is secure, and a lot of people know that. If viruses/malware and trojans are distributed the way they are today it's because of the endless average joe's in front of the computer that doesn't understand a thing and just want things done. He doesn't care if he has to install another program to view a website and if that comes with viruses. In the other hand, the tech savvy ppl have knowledge of what to and not to install and what it does.

In the end, as someone else have said, the problem is on the END USER

Commenting is disabled on this article.