Organizers of CanSecWest Vancouver 2007 have announced that they will be running a contest “PWN to OWN” where two, “loaded up, Apple Macbook Pro’s will be set up on their own AP (with security updates but otherwise default) and attendees will be able to connect to the ethernet or WiFi. The first to exploit it (there are victory conditions, and progressive rules over the three days) gets to go home with it. (Limit one per person, Can’t use the same vuln on both.) If they survive the three days in the ‘jungle,’ they become prizes for best lightning talk and best speaker. Detailed contest rules to follow shortly.”
Full article here.
That an operating system that has just recently celebrated its sixth birthday is subject to such a contest should tell you all you need to know about Mac OS X security.
Related articles:
Apple Mac remains ‘unhacked’ as University of Wisconsin’s Mac OS X Security Challenge ends – March 08, 2006
Mac OS X ‘unhacked’ over 24 hours and counting in genuine security challenge – March 07, 2006
University of Wisconsin launches Mac OS X Security Challenge – March 06, 2006
This kind of stuff has got to be just awesome research/marketing for Apple. If nobody hacks in, then that news will spread across the ‘net as good, free publicity. If somebody does find a hack, then Apple can use the data to close the hole.
I think this is cool. In the end, it will only make things better. But more so, Macs are really becoming popular and desirable to those who didn’t care before. In a couple of years, the computing landscape could be considerably different and increasingly in our favor.
The results will be newsworthy.
Let’s see if all of those security pros who write hacks for their own computers can actually hack someone else’s Mac.
It’s easy to hack your own computer.
Hack this.
would be interesting to have some vista machines in this contest
Those cooky Canadians.
” width=”19″ height=”19″ alt=”LOL” style=”border:0;” />
No doubt. Bring Vista in to the Mix.
I dare you MS
This really is great. A real security conferrence putting the Mac up to the test. Eitherway, they’ll make some noise. Either someone walks away with the MBP and it’s all over the news about how they did it, or nobody can hack a default config MBP and the Mac is seen (in the Security community) as a truly safe computer.
Hmm, I wonder why they didn’t use a Dell for this contest… Oh, yea, it would have been gone in the first 10 minutes with people hacking it.
Not fair! They should also have two top-of-the-line PC laptops as part of this competition.
I know…. they might as well just walk out on the street and give em away.
this will be the nerd equivalent of a back porch Deliverance banjo competition – we’re way beyond pocket protectors and underwear nametags here
The big problem with this contest is if the Macs get hacked, that will be big news repeated on every pro-microsoft blog and news media. If they can’t be hacked, it will only reinforce what most Mac users already know – no news.
“would be interesting to have some vista machines in this contest”
Wouldn’t that be like shooting fish in a barrel?
They should let Bill Gates have a go…
After all he says Macs are exploited every day of the month.
I find it humourous that Microsoft is one of the short list of Sponsors.
Perhaps they would just love to see some hackers taking home some free macs… to them it would be so much more.
Bill Gates can mouth off all he wants about Vista being secure.. lets see some proof. Put up or shut up Microsoft and Gates.
MDN keyword “Action” as in actions speak for themselves, that means you M$.
Yes, folks, to be fair a Dell or other Windows PC should be pitted against a Mac in the same ring. Can CanSecWest afford to give away that many PCs? Seriously, do the makers of Dell, HP, Sony, et al have the balls to put their machines to the test with a Mac? Well, do they?
The vulnerability of Windows will be made evident either by the conspicuous absence of a Windows PC or the presence of a PC running Windows. However, I suppose that is the point of this stunt.
Bring it, wise guys.
Good one Macaday!! I like it.
“This kind of stuff has got to be just awesome research/marketing for Apple. If nobody hacks in, then that news will spread across the ‘net as good, free publicity. If somebody does find a hack, then Apple can use the data to close the hole.”
Sad thing is someone will claim pwnage, it will get spread all over the intarwebs like wildfire to a chours of ‘i told you so’s’ and then three days later it will be learned that there had to be considerable assitance and cheating to get a hack to work, to which there will be little media coverage or fanfare.
Irrespective of the end result, I think this ends the argument that no-one is targeting the Mac.
Several years ago, as I recall… there was something called “hackamac.org” … (or some such)
Anyhoo… once a year…they would put a Mac online … publish the IP .. and TelNet info … and invite anyone to “hack” it …
The idea was to do something to the Mac, that could be confirmed … and if you did it .. you won that Mac …
I dont remember anyone ever winning …
And this was back in the Beige G3 days (and before), too !
Anyone else who also remembers … it would be nice if you could shed some more light on these guys … like maybe .. whatever happened to them, etc…
“They should let Bill Gates have a go…”
Gates is a walking computer virus with a human attached just for life support.
Paging Mr. Nanian…. Paging Mr. Nanian….. Paging Mr. Nanian…..
Mr. Nanian??
Has anyone seen Mr. Nanian????
This may be good, but it still reminds me of the feeling you have when you think your health is fine, and you hope the doctor giving you a physical examination thinks so too.
Oh yeah! Well Symantec rated MS Windows the most safest and secure OS because they are constantly updating and making sure all new vulnerabilities are plugged up! Neener, neener, neener!