Researchers demonstrate macOS and Safari exploits at Pwn2Own 2018

“The eighteenth annual CanSecWest security conference is underway in downtown Vancouver, Canada, where researchers are competing in the 11th Pwn2Own computer hacking contest for over $2 million in prizes,” Tim Hardwick reports for MacRumors.

“Day one results have already been published over at the Zero Day Initiative website, with a couple of successful Mac-related exploits already appearing in the list of achievements,” Hardwick reports. “Samuel Groß of phoenhex returned to Pwn2Own to successfully hack Apple’s desktop Safari browser. Groß used a JIT optimization bug in Safari, a macOS logic bug, and a kernel overwrite to execute code to successfully exploit the browser, earning himself $65,000 and six points towards Master of Pwn. The exploit also caused a text-based message to appear on a MacBook Pro’s Touch Bar.”

Hardwick reports, “Apple representatives have attended the Pwn2Own contest in the past, and affected parties are made aware of all security vulnerabilities discovered during the contest so that they can be patched in future software updates.”


MacDailyNews Take: Anything that even further hardens Apple software security is a Good Thing™!

2 Comments

  1. Hackers get rewarded for demonstrating OS and application vulnerabilities. This is an all-around beneficial social process that deters hackers from turning into black hats and also allows technology companies to harden their software without excessive development and testing costs. Consumers are also winners because they receive more secure products, and potential exploits are closed down before they can virally infect millions of devices, which prevents economic losses across the board.

    This qualifies as tech news in a big way, and it’s rather a shame that the Mac faithful haven’t much to comment here, preferring to fight pointless ideological battles instead. One of the biggest Apple stories of recent years was that Apple attended and helped bankroll these contests. Sure, it was in their best interests to do so but they used to be secretive and aloof. Now they want help and will pay for it. To me that is both sound business thinking and a retreat from their mystical purity of years past. Besides, youthful creative minds are almost never insiders in government, corporate, or aristocratic networks; they are essentially unemployed and unspoilt, highly motivated to achieve notoriety amongst their peers. In the marketplace of ideas, this is capitalism at its best.
