The “Pwn to Own” Hacking Contest held last week was a security battle amongst 3 major operating systems - MacOS X Leopard, Windows Vista, and Ubuntu Linux. The 3-day hacking contest gives away $20,000 in cash and prizes to the first contestant to hack any of the 3 systems.
The goal is to hack a laptop via the operating system. First one to hack any of the laptops gets to bring it home:
- VAIO VGN-TZ37CN running Ubuntu 7.10
- Fujitsu U810 running Vista Ultimate SP1
- MacBook Air running OSX 10.5.2
The main purpose of this contest is to responsibly unearth new vulnerabilities within these systems so that the affected vendor(s) can address them.
To claim a laptop as your own, you will need to read the contents of a designated file on each system through exploitation of a 0day code execution vulnerability (ie: no directory traversal style bugs). Each laptop will only have a direct wired connection (exposed through a crossover cable) and only one person may attack each system at a time so that each team’s exploit remains private.
On the first day of the competition, all 3 laptops were unscathed. On the second day, the very first rig to be hack was surprisingly the MacBook Air (pwned in 2 minutes) via an undisclosed Safari browser vulnerability. That On the last day, the Windows Vista machine was also cracked. At the end of the 3 day competition, only the Ubuntu box remained untouched.
All newly discovered vulnerabilities were reported to Apple and Microsoft respectively. More details about the competition on the Tipping Point blog.
Loading ...
No wonder why it is called macbook air.
and as usual, the web is in a furor from all these OS fanboys defending their favorite OS.
Wow, it’s kinda surprising to see a free OS being the most secure one.:)
OS X is the easiest to hack, everyone knows that. Linux is every IT technician’s nightmare. Lose your password and you’re dead.
Hi Abe. Vista was compromised on the third day (not the 2nd like you reported) upon installation of an Adobe product.
Surprisingly, the fanboys did not troop this site to defend their beloved Apple/Mac unlike when Abe talked about the prices of Apple a few months ago.
whoa.. the free OS is super duper secured
or maybe the hackers are fanboys of ubuntu so they didn’t try hard to crack the OS.
@ jeffry
nothing to defend.. safari is really a buggy browser most people i know use firefox
Or they really wanted to own the Mac.
i guess…safari sucks..not the OS
the advantage of OSS is that the code was reviewed by many programmers and detected instantly unlike those corporate softs owned codes was reviewed by little and limited. and the worst sinister thing that may happen to apple/microsoft is that when one of their programmer puts a loophole within their codes and left unnoticed by other programmers. ‘conspiracy may happen’
It seems like the Ubuntu was ignored by the contest participants…
Linux ignored, not immune, says hacker contest sponsor
wow, GO UBUNTU!