Source: http://www.desktoplinux.com/news/NS2702127176.html From: Za Vue [mailto:[EMAIL PROTECTED] Sent: Tuesday, April 01, 2008 5:04 PM To: 'NT System Admin Issues' Subject: Mac Got Hack in 2 min Mar. 31, 2008
Blog: The Mac went down in two minutes. The Vista SP1 PC made it two days. Only the Sony VAIO VGN-TZ37CN laptop running Ubuntu 7.10 survived the CanSecWest PWN to OWN PC hacking contest. The rules were simple. Hackers had to "read the contents of a designated file on each system through exploitation of a zero-day code execution vulnerability" through a direct wired connection. The successful hacker system would get to keep it, hence the PWN <http://dvlabs.tippingpoint.com/blog/2008/03/19/cansecwest-pwn-to-own-2008> to OWN name, and a cash prize. The competition was sponsored by TippingPoint Technologies' <http://www.tippingpoint.com/> (a network security company) ZDI (Zero Day <http://www.zerodayinitiative.com/> Initiative). While neither the hackers nor TippingPoint revealed the details of the hacks, we do know which programs were cracked. In the case of Mac OS X running on a MacBook Air, the Safari Web browser proved to be the crack in Mac OS X's armor. With Windows Vista SP1 on a Fujitsu U810, Adobe <http://dvlabs.tippingpoint.com/blog/2008/03/28/pwn-to-own-final-day-and-wra p-up> Flash proved to be its Achilles' heel. In theory, the Flash vulnerability is cross-platform. In other words, the same hole might be used to crack Linux or other operating <http://www.desktoplinux.com/news/NS2702127176.html> systems. Since we don't know exactly how the security breach works, we can't be certain, though, that the same problem could be used successfully against Linux. What we do know is that with cash money on the line, not to mention ownership of a nice new PC, Linux came out untouched. Steven J. <mailto:[EMAIL PROTECTED]> Vaughan-Nichols ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~ ~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~
