Developers: Please Clarify CanSecWest Results on Apparent Safari Exploitation
The link below from Computerworld describes the apparent exploitation of Safari to gain access to user privileges on a Macbook by going to a malicious website. Two Macbooks were setup connected to a network at the MS sponsored CanSecWest Security conference. A $10,000 reward plus the Macbook were offered as a reward to anyone who could gain root access.
http://www.computerworld.com/comments/node/9017380
The reporting on this story on the internet has been a combination of poor journalism and confused reporting as to what was actually done. As far as I can tell, root access was never achieved. Can the Mac developers on the forum clarify what happened if they know.
Thanks.
http://www.computerworld.com/comments/node/9017380
The reporting on this story on the internet has been a combination of poor journalism and confused reporting as to what was actually done. As far as I can tell, root access was never achieved. Can the Mac developers on the forum clarify what happened if they know.
Thanks.
Comments
The link below from Computerworld describes the apparent exploitation of Safari to gain access to user privileges on a Macbook by going to a malicious website. Two Macbooks were setup connected to a network at the MS sponsored CanSecWest Security conference. A $10,000 reward plus the Macbook were offered as a reward to anyone who could gain root access.
http://www.computerworld.com/comments/node/9017380
The reporting on this story on the internet has been a combination of poor journalism and confused reporting as to what was actually done. As far as I can tell, root access was never achieved. Can the Mac developers on the forum clarify what happened if they know.
Thanks.
Developers who know the facts, please clarify.
The following appeared in MacWorld on 4/20/07. More confusion.
Hacker breaks into Mac at security conference
By Nancy Gohring, IDG News Service
VANCOUVER?A hacker managed to break into a Mac and win a $10,000 prize as part of a contest started at the CanSecWest security conference here.
According to the security blog Matasano Chargen, Shane Macaulay and Dino Dai Zovi won the contest by gaining shell access to a Mac by pointing the Mac?s Safari browser at a specially-constructed Web page.
?Currently, every copy of OS X out there now is vulnerable to this,? said Sean Comeau, one of the organizers of CanSecWest.
The conference organizers decided to offer the contest in part to draw attention to possible security shortcomings in Macs. ?You see a lot of people running OS X saying it?s so secure and frankly Microsoft is putting more work into security than Apple has,? said Dragos Ruiu, the principal organizer of security conferences including CanSecWest.
Initially, contestants were invited to try to access one of two Macs through a wireless access point while the Macs had no programs running. No attackers managed to do so, and so conference organizers allowed participants to try to get in through the browser by sending URLs via e-mail.
Di Zovie, who lives in New York, developed the exploit that exposed the hole on Thursday night. Since the contest was only open to conference attendees, he sent it to his friend Macaulay in Vancouver, who claimed the prize.
The URL opened a blank page but exposed a vulnerability in input handling in Safari, Comeau said. An attacker could use the vulnerability in a number of ways, but Di Zovie used it to open a back door that gave him access to anything on the computer, Comeau said.
The vulnerability won?t be published. 3Com Corp.?s TippingPoint division, which put up the cash prize, will handle disclosing it to Apple.
The prize for the contest was originally one of the Macs. But on Thursday evening, TippingPoint put up the cash award, which may have spurred a wider interest in the contest. According to Matasano Chargen, Macaulay will keep the MacBook while Dai Zovi will pocket the cash prize.
One reason Macs haven?t been much of a target for hackers is that there are fewer to attack, said Terri Forslof, manager of security response for TippingPoint. ?It?s an incentive issue. The Mac is not as widely deployed of a platform as say Windows,? she said. In this case, the cash may have provided motivation.
Jason Snell contributed to this report.
Edit: I originally had ThinkSecret as the Sponsor but it was TippingPoint. Posting at 4am and all that.
I smell a fix but need details to prove it. ThinkSecret was the Sponsor of the $10,000 reward.
Well, if true then it is even more interesting. Anyway, this must be the first widely known case of a hacked Macintosh under OS X and in a way that should never happen, even if it finally was only user and not root access. \
http://www.roughlydrafted.com/RD/RDM...BFA442BED.html
Try this.
http://www.roughlydrafted.com/RD/RDM...BFA442BED.html
Thanks physguy. This article should be required reading for all Mac users.
Furthermore, it once again highlights the shoddy journalistic practices observed daily on the internet.