Access member only content, take part in discussions with comments on blogs, news and reviews and receive all the latest security industry news directly to your inbox. Join now for free.
A confirmation email has been sent to your email address - SUPPLIED EMAIL HERE. Please click on the link in the email to verify your email address. You need to verify your email before you can start posting.
If you do not receive your confirmation email within the next few minutes, it may be because the email has been captured by a junk mail filter. Please ensure you add the domain @scmagazine.com.au to your white-listed senders.
The security of the Mac platform has been rocked after a hacker cracked it in just ten seconds.
At CanSecWest's PWN2OWN contest, Charlie Miller, a principal analyst at Independent Security Evaluators, improved his time of hacking a Mac in two minutes from a year ago to just ten seconds this year with a separate remote-execution exploit. Two weeks ago, Miller predicted that Safari running on the Mac would be the first to fall and he reported how he had managed to hack the Mac directly to Apple. Miller walked off with a $5000 cash prize and the MacBook he hacked. He confirmed that he had researched and written the exploit before he arrived at the challenge, and said: “I can't talk about the details of the vulnerability, but it was a Mac, fully patched, with Safari, fully patched. It probably took five or 10 seconds. I gave them the link, they clicked on it, and that was it. I did a few things to show that I had full control of the Mac.” The PWN2OWN rules stated that the researcher could provide a URL that hosted his or her exploit, replicating the common hacker tactic of enticing users to malicious sites where they are infected with malware. See original article on scmagazineuk.com
Two weeks ago, Miller predicted that Safari running on the Mac would be the first to fall and he reported how he had managed to hack the Mac directly to Apple. Miller walked off with a $5000 cash prize and the MacBook he hacked.
He confirmed that he had researched and written the exploit before he arrived at the challenge, and said: “I can't talk about the details of the vulnerability, but it was a Mac, fully patched, with Safari, fully patched. It probably took five or 10 seconds. I gave them the link, they clicked on it, and that was it. I did a few things to show that I had full control of the Mac.” The PWN2OWN rules stated that the researcher could provide a URL that hosted his or her exploit, replicating the common hacker tactic of enticing users to malicious sites where they are infected with malware. See original article on scmagazineuk.com
He confirmed that he had researched and written the exploit before he arrived at the challenge, and said: “I can't talk about the details of the vulnerability, but it was a Mac, fully patched, with Safari, fully patched. It probably took five or 10 seconds. I gave them the link, they clicked on it, and that was it. I did a few things to show that I had full control of the Mac.”
The PWN2OWN rules stated that the researcher could provide a URL that hosted his or her exploit, replicating the common hacker tactic of enticing users to malicious sites where they are infected with malware.
To begin commenting right away, you can log in below or register an account if you don't yet have one. Please read our guidelines on commenting. Offending posts will be removed and your access may be suspended. Abusive or obscene language will not be tolerated. The comments below do not necessarily reflect the views or opinions of SC Magazine, Haymarket Media or its employees.