fbpx

MacBook Air cracked in 2 minutes at PWN to OWN Contest

The “Pwn to Own” Hacking Contest held last week was a security battle amongst 3 major operating systems – MacOS X Leopard, Windows Vista, and Ubuntu Linux. The 3-day hacking contest gives away $20,000 in cash and prizes to the first contestant to hack any of the 3 systems.

The goal is to hack a laptop via the operating system. First one to hack any of the laptops gets to bring it home:

  • VAIO VGN-TZ37CN running Ubuntu 7.10
  • Fujitsu U810 running Vista Ultimate SP1
  • MacBook Air running OSX 10.5.2

The main purpose of this contest is to responsibly unearth new vulnerabilities within these systems so that the affected vendor(s) can address them.

To claim a laptop as your own, you will need to read the contents of a designated file on each system through exploitation of a 0day code execution vulnerability (ie: no directory traversal style bugs). Each laptop will only have a direct wired connection (exposed through a crossover cable) and only one person may attack each system at a time so that each team’s exploit remains private.

On the first day of the competition, all 3 laptops were unscathed. On the second day, the very first rig to be hack was surprisingly the MacBook Air (pwned in 2 minutes) via an undisclosed Safari browser vulnerability. That On the last day, the Windows Vista machine was also cracked. At the end of the 3 day competition, only the Ubuntu box remained untouched.

All newly discovered vulnerabilities were reported to Apple and Microsoft respectively. More details about the competition on the Tipping Point blog.

Subscribe to Blog via Email

Enter your email address to subscribe to this blog and receive notifications of new posts by email.

Join 985 other subscribers
Avatar for Abe Olandres

Abe is the founder and Editor-in-Chief of YugaTech with over 20 years of experience in the technology industry. He is one of the pioneers of blogging in the country and considered by many as the Father of Tech Blogging in the Philippines. He is also a technology consultant, a tech columnist with several national publications, resource speaker and mentor/advisor to several start-up companies.

15 Responses

  1. Avatar for marian marian says:

    wow, GO UBUNTU!

  2. Avatar for BusinessGeeks BusinessGeeks says:

    It seems like the Ubuntu was ignored by the contest participants…

    Linux ignored, not immune, says hacker contest sponsor

  3. Avatar for moshfetron333 moshfetron333 says:

    the advantage of OSS is that the code was reviewed by many programmers and detected instantly unlike those corporate softs owned codes was reviewed by little and limited. and the worst sinister thing that may happen to apple/microsoft is that when one of their programmer puts a loophole within their codes and left unnoticed by other programmers. ‘conspiracy may happen’

  4. Avatar for koolitz koolitz says:

    i guess…safari sucks..not the OS

  5. Avatar for spidamang spidamang says:

    Or they really wanted to own the Mac. ;)

  6. Avatar for Anton Anton says:

    @ jeffry

    nothing to defend.. safari is really a buggy browser most people i know use firefox

  7. Avatar for pinoy websurfer pinoy websurfer says:

    or maybe the hackers are fanboys of ubuntu so they didn’t try hard to crack the OS. :P

  8. Avatar for Jehzeel Laurente Jehzeel Laurente says:

    whoa.. the free OS is super duper secured :P

  9. Avatar for Jeffrey Jeffrey says:

    Surprisingly, the fanboys did not troop this site to defend their beloved Apple/Mac unlike when Abe talked about the prices of Apple a few months ago.

  10. Avatar for Dark Knight Dark Knight says:

    Hi Abe. Vista was compromised on the third day (not the 2nd like you reported) upon installation of an Adobe product. :)

  11. Avatar for BrianB BrianB says:

    OS X is the easiest to hack, everyone knows that. Linux is every IT technician’s nightmare. Lose your password and you’re dead.

    • Avatar for Daison Daison says:

      well, ubuntu was the one who charlie miller’s 1st day to exploit, but no luck, because it’s secured and stable than other OS, ubuntu is now passing the OS today, like Android Linux OS.

  12. Avatar for Steady Steady says:

    Wow, it’s kinda surprising to see a free OS being the most secure one.:)

  13. Avatar for spidamang spidamang says:

    and as usual, the web is in a furor from all these OS fanboys defending their favorite OS. ;)

  14. Avatar for Jomark Osabel Jomark Osabel says:

    No wonder why it is called macbook air.

Leave a Reply
JOIN OUR TELEGRAM DISCUSSION

Your email address will not be published. Required fields are marked *