DESPITE THE RABID CLAIMS of Apple fan boys that its software is more secure than anything else on the market, Jobs’ Mob products were the first to be trashed again at a Pwn2Own hacking competition.
In fact flaws in the Iphone OS and zero-day vulnerabilities in Apple’s Safari 4 web browser made a mockery of Apple’s advertising.
Flaws were also found in Mozilla Firefox and Internet Explorer 8 but apparently hackers had some trouble getting around exploitation mitigations in Windows 7, although eventually they did.
Researcher Charlie Miller, principal security analyst at Independent Security Evaluators, quickly exploited a vulnerability in the desktop version of Safari running on Mac OS X. He won $10,000 for the exploit, which was one of 20 zero-day bugs that Apple fanbois deny exist in OS X.
Miller’s exploit opened up a remote shell, which he accessed and was able to run any malicious code he wanted. We guess it just worked!
Miller said discovering the 20 zero-day vulnerabilities took him only three weeks using three computers, so who knows what he would have found if he had kept looking.
No surprise. If you want security run Chrome (or maybe Firefox) on Win7 with no flash. If you really, really want security don’t ever attach your computer to the net.
Notice they don’t do Linux at Pwn2Own?
Allrighty then, what virus scanner DOES protect Macs well?
Don’t buy this. macs are the safest things on earth. This is just to make you feel bad. Don’t listen to them.
[Har! - ed.]
Apple fanboys are an interesting bunch. They’ll argue with you till they’re blue about how secure Apple’s products are. And when you show they a pwn2own link, they’ll still downright deny the failure of Apple.
@#1 – “Notice they don’t do Linux at Pwn2Own?”
That must be because it’s so cryptic, no one even knows how to use the darn thing.
Actually they did Linux and Android, as well.
Virtually all of the “exploits” were premised on device users clicking into malicious websites – a process which opened the browsers in each device to security holes in the Internet.
Hard for a lifer to call any of this hacking – much less hacking the devices. Stay off the Web and stay all safe in your rabbit hole – or redo the protocols..
All computers online are vulnerable. Apple is easiest because most aren’t using protection.
Apples cost so much, fewer people have them and the hackers don’t get much bang for their work.
MacFags just got slapped in the face…again. Lol!
Nope, no Linux this year (they did Linux in 2008, not sure about 2009). XP, Vista, Win7, and OSX on the desktop. iPhone only phone used even though Android, Symbian, and Blackberries were also available.
Of course, any code has bugs. The trick to writing 100% bug free code is to keep the number of lines at 0.
Bug free code is bug free precisely because it doesn’t do anything.
I often refer to programming as a process of enbugging and then debugging.
Oh, BTW, Macs are safer than PCs … primarily because more people own windows boxes and more people hate microsoft, making them much more of a target for hackers.
On the other hand, in addition to finding more fingers there, I must say that I’ve never heard of microsoft doing a major release of software with few or no new features and just a whole bunch of code tightening.
Snow Leopard was a great concept in this regard.
Thats ’cause they are members of the cult-of-jobs. It is a religion, not a technology. Arguing with them is like arguing with any religious nutter… a total waste of time and energy.
#11 – yankinwaoz,
Not everyone who prefers mac to pc is cultish about it. I just like the machines better. They’re not perfect, just better. With my work Dell, I get blue screens about once a month; I get hangs where I have to press and hold the power button about once a week. With my mac, I’ve had it for 4 years and probably haven’t had to press and hold the power button more than 8 or 10 times.
#4: “That must be because it’s [Linux] so cryptic, no one even knows how to use the darn thing. ”
Exactly.I know Unix reasonably well, and know that Linux has the same commands as Unix more or less.
However, when I need to write command line code for Linux or Unix, I usually have to drag out a Unix manual to get the command modifiers right.
You’re welcome hopper.
@Misanthropic Scott,
Welcome back, haven’t seen you in awhile.
#10 You’re forgetting win7, but unlike SnowJob it actually made things better and didn’t eat your data during the upgrade.
Apple users for years have been lucky, there hasn’t been any real threat to them. But with the passing of time the target on their backs have been getting bigger.
I think of how many apple users are wide open to attack, just because they are unprepared and inexperenced when it comes to security, it’s scares me…
I’ve always been a PC guy, but I wouldn’t wish what will eventually come, upon them…
#12 Misanthropic Scott
I did not say all Apple owners are cultist. Nor am I saying Apple has poor products. They have great products.
I was referring to the fan boys who can’t accept that the product is vulnerable to attack, or might be inferior in any way to anything else.
I get the sense that you are not one of them and recognize Macs for what they are.. a closed architecture, high price- high quality personal computer platform. Nothing wrong with that.
It’s hard for us Mac users to understand just how vulnerable we are. Nine years of os x and not one viruses make you lazy. So if ever there is a wide spread malware threat maybe we’ll start to worry or buy a Windows machine to be secure.
#19 jobs. And Colonel. Klink was very proud that there was never a successful escape from Starlight 13.
“I see nothing. I see NOTHING!” said Sargeant Shultz.