CanSecWest sweetens ‘Hack a Mac’ contest pot to $10,000

Apple Store“The prize in the hack-a-Mac contest at the CanSecWest conference here just got bigger,” Joris Evers blogs for CNET.

Evers reports, “TippingPoint, which runs the Zero Day Initiative bug bounty program, is offering to pay $10,000 to the hacker who commandeers one of two MacBooks. The target computers are connected to a wireless access point and fully patched, including the update for 25 vulnerabilities that Apple released on Thursday.”

“CanSecWest organizers have set up the MacBooks with all security updates, but without additional security software or settings. Attendees are able to connect to the machines via the access point through Ethernet or Wi-Fi,” Evers reports.

Full article here.

The CanSecWest home page states, “Gentlemen_Start_Your_PWNing: The 2.3Ghz 15″ Macbook Pro is on 192.168.0.42 and can be yours if you follow the instructions in the home of the default user, and the 2.3Ghz 17″ Macbook pro is on 192.168.0.43 and can be yours if you follow the instructions in the filesystem root (this one will need admin compromise).”

The eighth annual CanSecWest conference is being held April 18-20 at the Mariott Renaissance Harboursider hotel in downtown Vancouver, British Columbia.

Link: http://cansecwest.com/post/2007-04-19-12:30:00.Gentlemen_Start_Your_PWNing

[Thanks to MacDailyNews Reader “Shinobi” for the heads up.]

Related MacDailyNews article:
Apple MacBooks hold strong, remain unhacked after first day of $10,000 ‘Hack a Mac’ challenge – April 20, 2007
CanSecWest to hold ‘PWN to OWN’ contest: pits Apple MacBook Pros vs. hackers – March 26, 2007
Microsoft’s oft-delayed, much-pared-down Windows Vista hacked at Black Hat – August 07, 2006
Microsoft publicity stunt asks hackers to attack Windows Vista – August 04, 2006
Apple Mac remains ‘unhacked’ as University of Wisconsin’s Mac OS X Security Challenge ends – March 08, 2006
Mac OS X ‘unhacked’ over 24 hours and counting in genuine security challenge – March 07, 2006

39 Comments

  1. What…? No fake “third party wireless card” this time? Good luck hackers…! You get a free MacBook and $10,000. If this doesn’t produce any successful (and legitimate) hacks, nothing will.

  2. Where the hell’s WiseGuy when we wanna rub his face in his BS?!

    So the Mac’s not popular enough to warrant any attention from hackers, eh?

    MDNMW: dead, as in I reckon WiseGuy’s argument is dead in teh water.

  3. “Originally a successful hack would be rewarded with the MacBook. There had been some rumblings among event attendees that the reward was not big enough to draw interest.”-from the article

    Sounds like an excuse to me. I just don’t think they want to show what wienies they are in front of their little friends.

  4. I can’t remember where I read it, but someone say that OS X’s firewall “ain’t that great”. I’d like to know the justification behind that. A firewall either lets traffic through, or doesn’t. OS X’s firewall has more advanced features, such as Stealth mode. Not finding that on any Windows PCs sitting around here… ” width=”19″ height=”19″ alt=”smile” style=”border:0;” />

  5. But only a few weeks ago Bill Gates was assuring us that Macs are getting taken over every day.

    How come nobody is taking over these ones ? There’s the financial reward, a couple of nice new laptops and a great deal of fame to be had, so it seems very strange that people are supposedly taking over other Macs, but not bothering with these.

    If nothing else, as Bill Gates knows that people are taking over Macs, he should bribe one of those people to go to Vancouver and get on with it, otherwise Bill’s assertion will be shown to be totally false.

  6. Meanwhile, the prize for a similar “Hack a PC” contest is $20 and rapidly dropping. You are to hack an ultra-new Vista Ultimate computer that constantly runs Windows Live OneCare and has received all the latest patches. (Yes, the computer itself is new.)

    One more thing.

    You must do it twenty times in a row! Thus the twenty dollars.

    Twenty for twenty PC’s, Ten grand for one Mac. Take that, Bill. And sorry, Bill, I don’t know where this one’s taking place.

    Thank you for your lack of support, and remember that new windows still break easily.

  7. It bothers me to see these contests where people are essentially paid to demonstrate a criminal capability. Someone will eventually break into a Mac running OSX, Bill Gates et al will do a big “I told ya so” dance, and our lives will become less safe for it. OSX has vulnerabilities and I’d just as soon not see a successful exploit of any of them. Though, you’d think the record of the past several years would be calming for me.

    DLMeyer – the Voice of G.L.Horton’s Stage Page Pod Cast

  8. > Someone will eventually break into a Mac running OSX, Bill Gates et al will do a big “I told ya so” dance, and our lives will become less safe for it.

    Why? If someone hacks a Mac after so much effort, it doesn’t make Mac OS X any less safe. It will just demonstrate how much more difficult it is, compared to Windows. Bill Gates won’t say anything because it will draw more attention to how embarrassing Windows “Cancel or Allow” security is in comparison. And if no one can hack a Mac, WE Mac users can do the “I told ya so” dance. There is no downside to letting the best “criminals” give it a shot in a safe environment; if an exploit is actually demonstrated, that’s one less exploit that will appear in the real world.

Reader Feedback

This site uses Akismet to reduce spam. Learn how your comment data is processed.