Shane Macaulay from Security Objectives has won a Fujitsu U810 laptop running Vista Ultimate SP1 after it was installed with the latest version of Adobe Flash during the third and final day of CanSecWest PWN2OWN 2008 contest. He also won $5,000 from TippingPoint, the contest’s sponsor.
MacDailyNews Take: Ooh, a Fujitsu U810 laptop running Vista Ultimate SP1. Hello, eBay?
“Shane received some assistance from his friends Derek Callaway (also from Security Objectives) and Alexander Sotirov,” TippingPoint reports.
“The new Adobe Flash 0day vulnerability that Shane exploited has been acquired by the Zero Day Initiative, and has been responsibly disclosed to Adobe who is now working on the issue,” TippingPoint reports. “Until Adobe releases a patch for this issue, neither we nor the contestants will be giving out any additional information about the vulnerability.”
Full article here.
MacDailyNews Take: This news item will get 1/1,000th of the coverage of the Mac story because everyone expects Windows to be hacked. And that tells you just about all you need to know about both the media and the track records of each OS.
Check out RoughlyDrafted for more about security on Macs, the media’s reactions, and more here.
“MacDailyNews Take: Ooh, a Fujitsu U810 laptop running Vista Ultimate SP1. Hello, eBay?”
Ooh, Now that was a catty response
MDN’s take is a catty response.
On another note; it’s nice to see that these contestants actually spent time while at the compitition to achieve this, unlike the guy who won the MBA.
there’s hating because Win Vista SP1 was vulnerable because of third party software. Needless to say, Safari is made by Apple. I hate to say it, I hate MS more than anyone, but they took an
extra day and needed more of the safeties released.
This time.
However!
Let’s just wait until next year when MS releases another SP and breaks more stuff. ” width=”19″ height=”19″ alt=”smile” style=”border:0;” />
“Ooh, Now that was a catty response”
What do you expect with a litterbox as a prize? ” width=”19″ height=”19″ alt=”wink” style=”border:0;” />
Let’s all be honest. Apple in the past has had enough programmers to keep ahead of the virus makers. This is changing.
roughly drafted has a nice piece on this before you all leap to your conclusions like the organizers and drive by media thought you would…
How sad. Only way to hack Vista is through Adobe’s shitty flash, while Macs got compromised first from Apple’s own Safari.
Vista > Mac O$X
And this is so NOT NEWS that the ONLY place this will be reported is on MDN…LOL!
And in other news:
It came to our attention yesterday evening that “Reality Check” is Steve Ballmer’s secretary.
Which explains a lot.
Only a fool would think it safer to troll the internet using Vista than OSX, of any flavour. However fools remain ten a penny.
“However fools remain ten a penny.”
Does that mean that Ray can afford twenty fools?
Ooh, a Fujitsu U810 laptop running Vista Ultimate SP1. Hello, eBay?
Heh, why risk bad feedback on eBay?
I say stuff this one straight into the trash. It isn’t even worth recycling.
As far a face-slaping, er “rewarding” someone with this thing, WTF?? At least the cash prize took the edge off.
“Fujitsu U810 laptop running Vista Ultimate SP1.”
Didn’t Homeland Security order 200 of those fine machines? I feel safer.
I’m impressed that it was a third party application, and not IE or Vista itself that they used to hack. If only Vista wasn’t slow. Let’s hope Windows 7 will have the strength of VIsta, & the speed of Leopard.
http://www.roughlydrafted.com/2008/03/28/cansecwest-and-swiss-federal-institute-of-tech-deliver-attacks-on-the-reality-of-mac-security/
As long as people still find it necessary to buy virus protection for Windows computers (and not for Macs), there’s absolutely no way to claim that Windows computers are “safer.”
“Let’s hope Windows 7 . . .”
Never exists.
I don’t see myself getting Windows 7 in the next few years, so I guess it doesn’t matter to me when they release it. I can afford for them to take their time.
Hello eBay???? Try Hello Boat Anchor!
TommyBoy…
Thanks for the Roughly Drafted link. Good article.
The follow-up comments are particularly illuminating.
“MacDailyNews Take: Ooh, a Fujitsu U810 laptop running Vista Ultimate SP1. Hello, eBay?”
That’s actually a really nice laptop hardware wise. I would install Ubuntu or some other linux distro on it. Also, people have been wanting Apple to release an ultraportable macbook tablet for some time.
An apple machine the same size would be VERY nice. However, for some reason North Americans don’t like small laptops (laptops with displays below 11 inches). I think an Apple machine similar in size would be necessary for Asian markets like Japan and Korea where Apple hasn’t performed as well as in Europe and North America.
The thing is, the guy who hacked the MacBook said he did so because he thought it was easier. Fair enough, maybe it is/was. Had he/they attempted the other machines, how do we know they couldn’t have done it just as quick? It’s not a subjective test. A hack is a hack, but it’s being labelled as some sort of proof of overall security of all systems in general.
Windows Vista Ultimate.
I nominate that for the “Oxymoron of the decade.”
Let us all remember that none of these computers were hacked on the first day. They all required a certain amount of physical access.
I wonder if there was a-v software on the Windows machine?
Go Linux.
No a-v software on any machine. No exposure to the internet either.
What kind of bullshit is this. An unprotected Vista machine on the internet would have been pwned by a Russian or Chinese spammer before the first contestant got anywhere near it.
Hell anyone can hack any computer if you give them physical access.
> I hate to say it, I hate MS more than anyone, but they took an extra day and needed more of the safeties released.
The Safari hack was created well ahead of the contest. The time it took is irrelevant. You don’t actually think it took just two minutes for that hacker to create website to compromise the MacBook Air. It probably took weeks.
The reason the Mac was compromised faster in the contest was because the competitors wanted a MacBook Air much more than a Fujitsu.