Contest goal: To lay to rest, once and for all, the myths surrounding the lack of spreading computer virii on the Macintosh OS X operating system.
Today, DVForge, Inc. announced the Mac OS X Virus Prize 2005, where the company is openly challenging all of the computer coders of the world to go after the $25,000 cash prize that they are offering to the first person to successfully create and deploy an “in the wild” active virus for the Mac OS X operating system.
For the contest, a ‘virus’ is defined as executable code that attaches itself to a program or file so that it can spread from one computer to another, leaving infections as it travels between computers.
For the contest, an ‘in the wild’ virus is defined as one that is able to spread as a result of normal day-to-day usage onto two or more randomly selected computers that are connected only via the internet.
Are you a clever software geek, bored, looking for a challenge for your immense skills? Would you like world-reaching fame, and, a $25,000 cash prize? Well, here’s your chance for fame and fortune. All you have to do is put a virus into circulation that makes its way onto two totally unprotected Mac OS X computers we have running in Hendersonville, Tennessee. No trick, no hidden barriers… just two open internet connections to two non-firewalled, unmodified, bone-stock OS X 10.3 Panther systems, each tied directly to the ‘net by a T-1 line. According to the PC press, picking up this 25-grand should be child’s play.
“Symantec Corporation has recently released information to the press suggesting that they believe that the Mac OS X platform is at substantial risk to a new virus infection, and that the principal reason that OS X presently has zero in-the-wild virii is simply the lack of interest by virus coders, due to the platform’s comparatively small market share,” says DVForge CEO, Jack Campbell in the press release. “We recognize that assessment as complete nonsense, and, we have chosen to make a challenge that is interesting enough to grab the attention of any malicious coder… $25,000 worth of interesting. I happen to believe that Apple should be offering this prize. But, since they have not, I will. On behalf of knowledgeable Mac users everywhere, I am putting my money where my mouth is.”
We have designated two G5 Power Mac computer systems, each running an unmodified retail installation of OS X 10.3 Panther, each located in the Hendersonville, Tennessee area, but located approximately 3-miles away from each other in entirely different facilities. The only network connection between the two systems is the internet. Both Power Macs are on a minimum 8 to 12 hour per day, five to seven day per week usage, and run any number of popular Mac software applications. Each uses OS X mail.app as the email client, and Safari as the web browser, with neither machine or its LAN having a firewall in use. Each is connected to the internet through an unencrypted Airport network, to a full T-1 line.
Each day, we will scan both Power Macs for the presence of an OS X native executable virus, using a commercially available virus scanning utility. The day we locate a copy of the same virus running on both Power Macs, that virus is the winner of our contest.
To win the contest, the person coding the virus must submit an email notice to us with a transcript of at least 32 contiguous characters of code included in the virus, a brief description of the functionality and symptoms of the virus, and contact information for contest notification and payment of the $25,000 prize. The prize will be awarded to the person whose 32-character code sample, and functionality and symptoms description match the actual virus detected on the two contest Power Macs.
There has been much misinformation publicized recently about a supposed risk to the OS X operating system from virus attacks, with the ‘risk’ supposedly increasing as Mac computer sales are increasing. As a Mac dedicated business, and as a group of long-term Mac users, we know that these warnings are not true, and that there are a number of fundamental safeguards against virus attacks that keep the OS X operating system without its first in-the-wild virus. The ‘small number’ of Macs has nothing to do with the lack of virus incidents. It is the architecture of Apple’s operating system that protects its users from these bugs.
We are operating this contest until midnight July 31, 2005. Should the conditions for winning be met prior to that time, we will immediately award the $25,000 payment to the virus developer who succeeded in cracking the Mac’s inherent immunities.
Prize Doubled For Symantec
DVForge, Inc. has specifically invited the programming staff at Symantec Corporation to participate in their contest by creating and successfully delivering an executable virus to the two contest Power Macs. Should an employee or independent contractor of Symantec corporation win the contest, they will double the prize to $50,000 for that person.
Complete details on the DVForge Mac OS X Virus Prize 2005 contest can be found at http://www.dvforge.com/virus.shtml
Related MacDailyNews articles:
DVForge cancels Mac OS X Virus Prize Contest – March 26, 2005
Motley Fool writer: ‘I’d be surprised if Symantec ever sells a single product to a Mac user again’ – March 24, 2005
Symantec cries wolf with misplaced Mac OS X ‘security’ warning – March 23, 2005
Symantec’s Mac OS X claims dismissed as nonsense, FUD – March 22, 2005
Symantec warns about Mac OS X security threat – March 21, 2005
68,736 Microsoft Windows viruses vs. zero for Apple Mac’s OS X – March 12, 2005
Mac OS X has no viruses; what’s wrong with Windows? – February 11, 2004
hmmm… 25,000 to go to jail and have my record tarnished for life doesn’t seem like a great deal
It’s it illegal for this offer to even exist? just curious….
What a jerk-off. Someone should give HIM a virus
Awesome! This will be fun to watch…
First Post!
It’s Jack Campbell, at it again….
Seriously, what a jerk. Nothing is impregnable. I know OS X is tough, but asking for malware?
I’d like to offer $25K if anyone can break his ego.
I can see a letter from Apples lawyers arriving shortly.. the offer won’t stand long.
It’s similar to the offer that was made to the first person to graffiti one of the new Metro trains here in Denmark and to have in publicly photographed and appear in the press. Crazy idea!
Some people’s kids….
Good points, but nothing says the virus has to be malicious or destructive. Can you be prosecuted of the virus does no harm?
Now we know how Anti-virus SW companies operate. They create virus to sell their anti-virus. Now, they pay people for making viruses. What a noble business.
This is great because it wont happen. and the virus’ only current target is the contest Macs. So, even if a virus is created, the writer may only choose to infect the contest Macs. Also, I’m pretty sure a contest like this was done before, for the classic OS I believe—nothing came of it.
won’t it be rather easy to do so? all the security updates that have passed the show from 10.3.0 to 10.3.8..
and they are running an out of the box os x 10.3 system..
without a firewall. Heh.. why put the firewall off? isn’t it enabled by default?
this can’t be good…
The challenge seemed “OK” until he described “releasing it” via the NET…perhaps he should provide the two IP addresses of each Mac and indicate that the “virus” should only attack those two machine…to invite someone to create a virus and suggest they release it in the wild is probably a crime according to the DMA…or it should be – it’s definitely to be considered conspiracy to commit computer crime.
On the other hand…I’m actually a bit amused and interested. I hope many hackers try and fail. I’m tired of defending OS X to the PC masses against the security thru obscurity myth.
“Can you be prosecuted of the virus does no harm?”
Absolutely.. can you be prosecuted if you break into someones home if you don’t do any harm?
The first actual virus to penetrate OS X causes me and my investment substantional harm.
You need to think a little more before you make such nieve statements.
obviously they want to infect other mac so they can see antivirus software. A firefighter without a fire gets bored. They need our business so they will infect us to get us to buy thier products.
go to MacInTouch and search for “Jack Campbell” to find out what DVForge is all about …
Wait…how many idiots are out there?
How about a contest of:
– $20,000 to first person for breaking into the local convenience store and stealing all the beer or…
– $15,000 for whomever can slash the most tires in one hour at the local mall or…
– $10,000 for the first person to scratch all the CDs in a Music store with a rusty nail or…
– $50,000 to the first person who can poison their town´s local water system or…
– $100,000 for the first person that creates a flu virus that kills 100,000 people.
Sheesh! Some people have the stupidest ideas.
Since when is soliciting unethical (somewhat urban terrorist) activities a worthy thing?
Hmmmm, who is paying for this? My guess is…. M$
” width=”19″ height=”19″ alt=”wink” style=”border:0;” />
Oh of course – even if ‘no harm is done’ this creates a serious threat, and can and should probably be prosecuted.
If this is successful, think about all the companies that will suddenly have to start buying firewalls for OS X do to the fact that it is insecure – heck, I’d probably have to buy one for my personal machine. Maybe all us Mac users do need our bubble’s popped, and maybe we do need to start buying some security software, but the bubble shouldn’t be being forced to pop.
Think about all the people who just try in this competition. Maybe they’ll fail – but they’ll learn something, and maybe encouraged to experiment, and write another – and eventually get it right.
Of course, I too would love to see tons of people try and nothing come out of it, but as someone else mentioned, OS X is secure, but it’s not impenetrable. Security through obscurity is definitely one of our defenses – why risk shattering that now all for a game?
Very interesting NewsReader. Especially the stuff relating to hymm: http://www.hymn-project.org/forums/viewtopic.php?t=634
I’m glad I came across this info. I was thinking about buying one of his laptop stands (the ones with the fans on the bottom). Not anymore, I’ll wait for someone else to do it.
Listen to all you freakin sissies…. OMG. All you guys do on this site is bitch when someone has the ordacity to question the all holy Mac OS security. “Its the software stupid” sounds familiar?
Yeah. Shut yer freakin girly mouth up, just shut that friggin pie hole up and put your money where your mouths are….. What are you afraid of? Afraid to be proved that you were wrong after all? This is the real game of chicken here. And you pussies blinked.
Is the mac virus proof or not?
This is the way to prove it. However I do think that there are a few flaws. The setup should be like any OUT OF BOX mac, with the firewall on, and the consumer router firewall on as well. Other than that, I applaud this man for his balls to back up his belief with works.
BriAnimations,
This is no game… this is some VERY serious stuff.
People’s investments and livelyhood depend on it…. regardless if anyone wants to acknowledge that fact.
great, now people get invited to practice virii-coding for osx. Imagine the same amount for the first who recodes Fontographer for OSX…or to the first who manages to debug illustrator. Or wait…25K to the person who streamlines Doom3. There are so many things software-related that make more sense than this.
It sounds like a lot of people here are don’t know anything about DVForge. They don’t make antivirus software or security products (as of yet). They make Mac peripherals like mice, etc., some pretty good, others not. I don’t think this is being used as a sales ploy (ala Symantec’s latest BS), at least not in the way you think. It will sure garner his company some press, but not to sell antivirus products.
That being said, I think this is a horrible idea, and I fully expect Steve to sick the legal dept. on him poste haste. SJ said in a recent interview with Mossberg that the reason they don’t advertise the security of OS X is that they don’t want to put a big target on their back. Campbell just did that for them, in a BIG way.
to You punks.
what a wanker.
You just dont get it do you, but then retards normally dont get it.
Hugh
Sizewell,
Lighten up. He didn’t make a statement but posed a question.
“Can you be prosecuted if you break into someones home if you don’t do any harm?” Well, not if the homeowner invited you to do (perhaps to test his security system).
Finally, it’s “naive” not “nieve”