The Pwn2Own contest has made light work of security features built into Firefox, Safari, and IE8 - plus Apple's iPhone.
The first day of the Pwn2Own contest at CanSecWest is over, and it's bad news for browsers - three of the most common web browsers have been successfully exploited.
The annual contest challenges hackers and security researchers to attack devices running fully up-to-date versions of the latest browsers and operating systems, with the first to breach a particular system receiving a cash prize along with the hardware used in the contest. As reported over on CNET, it's been a busy day for the security community.
In day one of Pwn2Own 2010, security pro Charlie Miller was the first off the blocks with a successful remote attack against a MacBook Pro running the latest version of Apple's MacOS X - exploiting a hitherto unknown security vulnerability in the Safari browser to launch a remote shell and winning himself $10,000 plus the laptop for his trouble.
Next was Peter Vreugdenhil, who managed to bypass Windows security features including Data Execution Prevention via Internet Explorer 8 to take over a PC - again receiving $10,000 plus the hardware.
The browser-based trifecta was completed by a mysterious figure calling himself Nils - no last name - who received $10,000 for exposing a memory corruption flaw in the latest version of Mozilla's popular Firefox browser.
Perhaps the most surprising hack of the day came from Ralf Weinmann and Vincenzo Iozzo, who shared a $15,000 prize for exploiting an iPhone running the latest firmware in such a way that a simple visit to a malicious website can cause the handset to silently upload its entire SMS database to a remote server - giving ne'er-do-wells full access to all your private messages. The pair were keen to point out that although the version of the exploit used at Pwn2Own targeted SMS messages, the code can be tweaked to retrieve any data stored on the handset - including photos.
Details on all the exploits used at Pwn2Own this year will be shared by contest organiser TippingPoint with the relevant vendors, allowing patches to be developed to secure the holes.
Are you amazed that so many browser attacks were successful, or do you just feel sorry for Apple getting hit twice in one contest with MacOS X and iPhone penetrations? Share your thoughts over in the forums.
25 Comments
Hackers tend to target popular platforms.
FF, IE8, Safari are the three most popular browsers.
Reasons being:
- IE ships with Windows
- Safari ships with Mac
- FF is the most popular 3rd party browser
Pwn2Own normally focuses on "stock installs" on day one, AFAIK.
Think about it - why would you bother hacking Opera on a mac, if there's a total of 2 people running that combination worldwide... :/
Still, it's a pretty good effort. I think the iPhone one is the most interesting - it's a pretty locked down phone after all, and from what I hear getting stuff onto it without iTunes is a nightmare.
You don't even need security software for the mighty Apple. That's why they are so much better than PCs.
[/sarcasm off]
LOL!
memory corruption flaw is interesting? :P
well if they meant the computer RAM memory, yeah, that'll be interesting lol....
I'm most interested in the script that can upload all those iPhone media to a remote server all in one swipe.
For your own protection.
+1 to do it anyway. Everyone knows Macs are immune.
Probably got banned from the appstore as a result and guys in turtlenecks will laugh at them for using inferior hardware to hack it with.
Was reading an article the other day saying that with their closed platform now based on Intel this makes it even easier yet to exploit.
This is not a dig at Mac users but the Mac empire with its head in the sand.
I wondered this too. Until there is more info on the attack it's impossible to tell. Firefox + AdblockPlus + NoScript works quite well. I do hope the next version of Firefox will have a sandbox similar to or better than Chrome's current implementation.
not sure on exact figures
if you make a virus you target the biggest market not the smallest unless you're just wanting to hack Macs
Good to see such results from day one!
Doubtful tbh, just look at the 0day the other day, overflow caused by new WOFF feature, NoScript wouldn't protect against that. A lot of these overflows are caused by file handling and exploiting plugins to handle additional content rather than it being a bug in the rendering and JavaScript engines.
Even a sandbox wouldn't protect if the fault is located in a plugin, and the plugin dev decides not to follow best practice or circumvent security measures (Adobe) then you're boned anyway.
to wipe the smug smiles off their faces? :- P
/. has an update on this where apparently Miller is wanting to show the developers how to find the vulnerabilities rather than just what they are
You're definitely wrong, NoScript did protect specifically against the WOFF bug, like it did with 99% of the Firefox vulnerabilities seen so far and with almost 100% of the working exploits, since they usually require also Javascript-based or plugin-based heap spraying.
Here's why NoScript has been blocking web fonts by default for a long time now.
But the fact remains that Mac users do not use anti viruses, so why would you target the harder target? Target the fools who are still oblivious, and perhaps your infection rate will shoot through the roof.