Macbook Hacked in 2 Minutes!


Recommended Posts

guruparan

Macbook (MacbookAir) got hacked withing 2 minutes!! :-)

Source: From Macworld

(http://www.macworld.com/article/132733/2008/03/hack.html)

Where: Security Conference open (http://cansecwest.com/post/2008-03-20.21:33:00.CanSecWest_PWN2OWN_2008)

:-D

Prize he won: 3 laptops (Sony Vaio, Fujitsu U810 and the MacBook ) + US$10,000

Edited by guruparan
Link to post
Share on other sites
Hell-In-A-Handbasket

OMG a computer got hacked when the hacker was actually at the computer, im so in trouble from hackers /sarcasm

Nobody was able to hack into the systems on the first day of the contest when contestants were only allowed to attack the computers over the network, but on Thursday the rules were relaxed so that attackers could direct contest organizers using the computers to do things like visit Web sites or open e-mail messages
Link to post
Share on other sites
Berserk87

ha.

so did he pick the macbook? :p

OMG a computer got hacked when the hacker was actually at the computer, im so in trouble from hackers /sarcasm

read the article....he wasnt on the computer, he took control of it by "tricking" someone into going to a certain webpage, which has a malicious script on it, and gives him control of the hosts computer.

Link to post
Share on other sites
PL_
OMG a computer got hacked when the hacker was actually at the computer, im so in trouble from hackers /sarcasm

Uhh, no, the hacker still wasn't allowed to touch the computer :huh:

Link to post
Share on other sites
Hell-In-A-Handbasket

directed people to go to a site, instructing somebody is about the same as actually doing it personally.

thats like ariving at somebodys door saying your from their bank and telling them to go to www.whatever.tv and having them enter their bank information to confirm they are who they say they are

Link to post
Share on other sites
guruparan

He got 3 laptops (Sony Vaio, Fujitsu U810 and the MacBook ) + US$10,000

Link to post
Share on other sites
Numpad

i could of won that.. i would of just asked the person on the laptop to bring it over to where i am.. Voila!

Link to post
Share on other sites
Elessar
directed people to go to a site, instructing somebody is about the same as actually doing it personally.

thats like ariving at somebodys door saying your from their bank and telling them to go to www.whatever.tv and having them enter their bank information to confirm they are who they say they are

You fail. Most sites tailored for specific countries start with two letters, for example, us.abc.com, i'm sure it would be simple to have someone click a link going to usa.abc.com which is controlled by the hacker who then gains access to your computer, not that hard and the person doing the clicking probably didn't suspect a thing.

Link to post
Share on other sites
sundayx
i could of won that.. i would of just asked the person on the laptop to bring it over to where i am.. Voila!

Yeah! go you!

Link to post
Share on other sites
Thrawn
directed people to go to a site, instructing somebody is about the same as actually doing it personally.

thats like ariving at somebodys door saying your from their bank and telling them to go to www.whatever.tv and having them enter their bank information to confirm they are who they say they are

No, you can get someone to go to a site by a maliciously placed link at a number of places (like a youtube video or something) or an email.

Honestly. OS X sux0rs. I bet my IE 7 with UAC protected mode wouldn't fall for something like this, lol.

Link to post
Share on other sites
osirisX

*Hands everybody flame-proof suits*

Link to post
Share on other sites
Gary2MBz

Now all those snob Mac users can weep with their false brainwashed statements. IT just goes to show you no OS even LINUX is safe from hackers. Just use COMMON SENSE when computing and don't tell me the Average Joe crap because he'd even hang himself trying to follow common sense.

Link to post
Share on other sites
Hell-In-A-Handbasket

there is a track history that proves that it would, especially since the hacker would have directed the operator to allow it

I bet my IE 7 with UAC protected mode wouldn't fall for something like this, lol.
Link to post
Share on other sites
Eric
directed people to go to a site, instructing somebody is about the same as actually doing it personally.

thats like ariving at somebodys door saying your from their bank and telling them to go to www.whatever.tv and having them enter their bank information to confirm they are who they say they are

No, that's like saying, "hey, check this new blog out at blog.whatever.tv" and it's not a blog, but a site that serves a maliciously crafted page.

Link to post
Share on other sites
Hell-In-A-Handbasket

the .tv was not serious, i didnt actually mean the country

and besides

Except for reserved names like .com.tv, .net.tv, .org.tv and others, any person in the world can register a .tv domain for a fee. In 2000, Tuvalu negotiated a contract leasing its Internet domain name ".tv" for $50 million in royalties over a 12-year period
You fail. Most sites tailored for specific countries start with two letters, for example, us.abc.com, i'm sure it would be simple to have someone click a link going to usa.abc.com which is controlled by the hacker who then gains access to your computer, not that hard and the person doing the clicking probably didn't suspect a thing.

and besides even that, this is not the least bit worrying

Link to post
Share on other sites
Fonze
You fail. Most sites tailored for specific countries start with two letters, for example, us.abc.com, i'm sure it would be simple to have someone click a link going to usa.abc.com which is controlled by the hacker who then gains access to your computer, not that hard and the person doing the clicking probably didn't suspect a thing.

The way domain names work is like a hierarchy. the part all the way to the right of the domain name is the top level, and the part all the way to the left is at the bottom. So in the example us.abc.com, com is at the top, and us is at the bottom.

com

|

abc

/ | \

jp us uk

So, in order for someone to create the domain usa.abc.com, they would have to gain control over the abc domain. If someone were to gain control over the abc domain, they could cause a lot more damage than just creating a new URL to trick people.

Link to post
Share on other sites
team_NOOB
*Hands everybody flame-proof suits*

:laugh: qft!

Link to post
Share on other sites
j0nnymoe
Now all those snob Mac users can weep with their false brainwashed statements. IT just goes to show you no OS even LINUX is safe from hackers. Just use COMMON SENSE when computing and don't tell me the Average Joe crap because he'd even hang himself trying to follow common sense.

Only reason its said that OS X/Linux users are safer from hackers than windows users, is because the amount of people that use windows and dont have a clue what they are doing with a computer, thus makin them a easy target for hackers

Link to post
Share on other sites
DrunkenMaster

I have an iMac .... I am invincible!!!!!!

:p

Link to post
Share on other sites
MrFuji
I have an iMac .... I am invincible!!!!!!

:p

Haha, just wait till a mean hacker directs you to a webpage with a malicious script on it :p

Link to post
Share on other sites
DrunkenMaster
Haha, just wait till a mean hacker directs you to a webpage with a malicious script on it :p

Nope. I am still Invincible. There are only nice hackers. No one will misdirect me to anything malicious.

Link to post
Share on other sites
Elessar
The way domain names work is like a hierarchy. the part all the way to the right of the domain name is the top level, and the part all the way to the left is at the bottom. So in the example us.abc.com, com is at the top, and us is at the bottom.

com

|

abc

/ | \

jp us uk

So, in order for someone to create the domain usa.abc.com, they would have to gain control over the abc domain. If someone were to gain control over the abc domain, they could cause a lot more damage than just creating a new URL to trick people.

I understand how domains are formed, i was commenting in regards to copycat/phishing sites where the goal is to look exactly like a legit site. In my example, a hacker could take that a step further and create a domain that looks very similar to the legit site.

Link to post
Share on other sites
LTD

**yawn**

Lets see what else is on . . .

Link to post
Share on other sites
daveoc64

I'm glad this has come out.

I'd rather that other Mac users woke up and realised that we AREN'T magically protected by Mac OS X and that given the knowledge of a flaw and what seems harmless to a user, damage can be done.

If anything, I'd say Windows users are a little better protected - not only do the browsers try and pick up on stuff (like phishing or fake sites), but they are also probably running Anti-Virus software and have a reasonable firewall in place - something which is rare on Mac OS X or Linux.

Edited by daveoc64
Link to post
Share on other sites
Typhon

God I want my 2 minutes of my life back. Yawn yawn let's see what other trash I can post up.

Link to post
Share on other sites
This topic is now closed to further replies.
  • Recently Browsing   0 members

    No registered users viewing this page.