CanSecWest A brand-new MacBook Air running a fully patched version of Leopard was the first to fall in a contest that pitted the security of machines running OS X, Vista and Linux. The exploit took less than two minutes to pull off.
Charlie Miller, who was the first security researcher to remotely exploit the iPhone, felled the Mac by tapping a security bug in Safari. The exploit involved getting an end user to click on a link, which opened up a port that he was then able to telnet into. Once connected, he was able to remotely run code of his choosing. The feat won him a $10,000 prize paid by Tipping Point, whose Zero Day Initiative pays bounties to researchers for responsibly disclosing vulnerabilities.
I, kao sto je i bilo ocekivano - Mac je prvi pukao na Hack Contestu, i to za 2 minuta, doduse u toku drugog dana - hahaha, za neupucene, ista stvar se desavala i prosle i pretprosle godine. Konkurenti Apple-u su bili Vista i Linux. Svi OS-evi su bili fully-patched ;-)
Ironicno, nacin upada na masinu je bio Safari Browser - koga Apple bas ovih dana pokusava da uvali Windows korisnicima koji imaju iTunes ili Quicktime preko apdejta gde je Safari ukljucen kao "update" cak i ako korisnik nema taj skrndelj od browsera na masini - Apple marketing masinerija valjda hoce da pimpuje broj njihovih skrndelj browsera koji su deployovani iako vecina korisnika ni nema pojma da ih ima ;-)
Eh eh... a tako su dobre one Apple reklame o "Mac vs. Vista security" - shame on them :) Mislim, klinknes link u browseru i otvori ti se Telnet Server na masini... divno, zar ne? :)
Ne zaboravimo da je onako iz ciste koincidencije Apple pre neki dan patchovao 20 i kusur rupetina u OS X-u, valjda da se ne bi izblamirali i ovaj put - ali avaj :)
PS - Verujem da ce armija Apple fanboy-a da ovo pravda faktom da su hakeri hteli da osvoje MacBook Air pa su ga zato hackovali..
PPS - i na kraju Dana 2, Vista i Linux jos nisu hackovani.. izgleda je OS X jedini "insecure by design" :)
http://www.digicortex.net/node/1 Videos: http://www.digicortex.net/node/17 Gallery: http://www.digicortex.net/node/25
PowerMonkey - Redyce CPU Power Waste and gain performance! - https://github.com/psyq321/PowerMonkey