Well Nilay, I think what bigcow05 meant was that you did not specifically mention the interview with Charlie Miller (who showed two exploits for safari so far) in which he utters such things as: "Why Safari? It’s really simple. Safari on the Mac is easier to exploit. The things that Windows do to make it harder (for an exploit to work), Macs don’t do. Hacking into Macs is so much easier. You don’t have to jump through hoops and deal with all the anti-exploit mitigations you’d find in Windows.
It’s more about the operating system than the (target) program. Firefox on Mac is pretty easy too. The underlying OS doesn’t have anti-exploit stuff built into it." And perhaps: "On a scale of 1-10, how impressive was the Nils’ sweep of exploiting all three main browsers?
I was surprised. For IE 8, I’d give him a 9 out of 10. For Safari, maybe a 2. It’s just too easy to pop Safari. For Firefox on Windows, I give him a 10. That was the most impressive of the three. It’s really hard to exploit Firefox on Windows."
So yeah, that IS news (which wasn't reported here btw). Cheers!
Now that we've thrown 'em off the trail, use the form below to get in touch with the people at Engadget. Please fill in all of the required fields because they're required.
Funny how Engadget fails to mention that the Mac OS is easier to exploit than Windows.
http://blogs.zdnet.com/security/?p=2941
Hmm I wonder why this was not on the front page?
Interesting, so much for the secure os x! I was reading this on my early 2008 macbook (black) and I became afraid after reading the interviews.
It was on the front page -- five days ago when it was news. It's also linked from this post. You see what you want to see.
Well Nilay, I think what bigcow05 meant was that you did not specifically mention the interview with Charlie Miller (who showed two exploits for safari so far) in which he utters such things as:
"Why Safari?
It’s really simple. Safari on the Mac is easier to exploit. The things that Windows do to make it harder (for an exploit to work), Macs don’t do. Hacking into Macs is so much easier. You don’t have to jump through hoops and deal with all the anti-exploit mitigations you’d find in Windows.
It’s more about the operating system than the (target) program. Firefox on Mac is pretty easy too. The underlying OS doesn’t have anti-exploit stuff built into it."
And perhaps:
"On a scale of 1-10, how impressive was the Nils’ sweep of exploiting all three main browsers?
I was surprised. For IE 8, I’d give him a 9 out of 10. For Safari, maybe a 2. It’s just too easy to pop Safari. For Firefox on Windows, I give him a 10. That was the most impressive of the three. It’s really hard to exploit Firefox on Windows."
So yeah, that IS news (which wasn't reported here btw).
Cheers!