<?xml version="1.0"?>
<rss version="2.0" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:itunes="http://www.itunes.com/dtds/podcast-1.0.dtd">
<channel>
<title>Engadget</title>
<link>http://www.engadget.com</link>
<description>Engadget</description>
<image>
<url>http://www.blogsmithmedia.com/www.engadget.com/media/feedlogo.gif</url>
<title>Engadget</title>
<link>http://www.engadget.com</link>
</image>
<language>en-us</language>
<copyright>Copyright 2012 Weblogs, Inc. The contents of this feed are available for non-commercial use only.</copyright>
<generator>Blogsmith http://www.blogsmith.com/</generator><item><title><![CDATA[Charlie Miller to reveal 20 zero day security holes in Mac OS X]]></title><link>http://www.engadget.com/2010/03/19/charlie-miller-to-reveal-20-zero-day-security-holes-in-mac-os-x/</link><guid isPermaLink="true">http://www.engadget.com/2010/03/19/charlie-miller-to-reveal-20-zero-day-security-holes-in-mac-os-x/</guid><comments>http://www.engadget.com/2010/03/19/charlie-miller-to-reveal-20-zero-day-security-holes-in-mac-os-x/#comments</comments><description><![CDATA[<a href="http://www.h-online.com/security/news/item/Mac-OS-X-safer-but-less-secure-957981.html"><img hspace="4" border="1" align="right" vspace="16" alt="" src="http://www.blogcdn.com/www.engadget.com/media/2010/03/os-x-terminal.jpg" /></a>Say, Charles -- it's <a href="http://www.engadget.com/tag/charlie+miller">been awhile</a>! But we're pleased as punch to see that you're back to your old ways, poking around within OS X's mainframe just looking for ways to remotely control the system, snag credit card data and download a few interoffice love letters that are carefully stashed 15 folders down within 'Documents.' The famed <a href="http://www.engadget.com/2008/03/27/pwn-2-own-over-macbook-air-gets-seized-in-2-minutes-flat/">Apple security expert</a> is planning yet another slam on OS X at <a href="http://www.engadget.com/tag/cansecwest">CanSecWest</a>, where he'll reveal no fewer than 20 zero day security holes within OS X. According to Miller, "OS X has a large attack surface consisting of open source components, closed source third-party components and closed source Apple components; bugs in any of these types of components can lead to remote compromise." He also goes on to reemphasize something he's been screaming for years: "Mac OS X is like living in a farmhouse in the country with no locks, and Windows is living in a house with bars on the windows in the bad part of town." 
In other words, Apple users are "safer" (due to the lack of work that goes into hacking them), "but <a href="http://www.engadget.com/2007/04/22/safari-browser-exploit-produced-within-9-hours-in-hacking-compet/">less secure</a>." So, is this a weird way of applying for a security job in Cupertino, or what?<p style="padding:5px;background:#ddd;border:1px solid #ccc;clear:both;"><a href="http://www.engadget.com/2010/03/19/charlie-miller-to-reveal-20-zero-day-security-holes-in-mac-os-x/">Charlie Miller to reveal 20 zero day security holes in Mac OS X</a> originally appeared on <a href="http://www.engadget.com">Engadget</a> on Fri, 19 Mar 2010 09:29:00 EST.  Please see our <a href="http://www.weblogsinc.com/feed-terms/">terms for use of feeds</a>.</p><h6 style="clear: both; padding: 8px 0 0 0; height: 2px; font-size: 1px; border: 0; margin: 0; padding: 0;"></h6><a href="http://www.engadget.com/2010/03/19/charlie-miller-to-reveal-20-zero-day-security-holes-in-mac-os-x/" rel="bookmark" title="Permanent link to this entry">Permalink</a>&nbsp;|&nbsp;<a href="http://www.engadget.com/forward/19406485/" title="Send this entry to a friend via email">Email this</a>&nbsp;|&nbsp;<a href="http://www.engadget.com/2010/03/19/charlie-miller-to-reveal-20-zero-day-security-holes-in-mac-os-x/#comments" title="View reader comments on this entry">Comments</a>]]></description><category>apple</category><category>CanSecWest</category><category>charlie miller</category><category>CharlieMiller</category><category>exploit</category><category>flaw</category><category>fuzz</category><category>fuzzing</category><category>hack</category><category>hacker</category><category>hole</category><category>leopard</category><category>mac</category><category>operating system</category><category>OperatingSystem</category><category>os x</category><category>OsX</category><category>security</category><category>security hole</category><category>SecurityHole</category><category>snow 
leopard</category><category>SnowLeopard</category><category>software</category><category>vulnerabilities</category><category>vulnerability</category><category>zero day</category><category>ZeroDay</category><dc:creator><![CDATA[Darren Murph]]></dc:creator><pubDate>Fri, 19 Mar 2010 09:29:00 EST</pubDate></item><item><title><![CDATA[Simple keystroke sniffing schemes work where keyloggers won't]]></title><link>http://www.engadget.com/2009/03/27/simple-keystroke-sniffing-schemes-work-where-keyloggers-wont/</link><guid isPermaLink="true">http://www.engadget.com/2009/03/27/simple-keystroke-sniffing-schemes-work-where-keyloggers-wont/</guid><comments>http://www.engadget.com/2009/03/27/simple-keystroke-sniffing-schemes-work-where-keyloggers-wont/#comments</comments><description><![CDATA[<div align="center"><a href="http://news.zdnet.com/2100-9595_22-280184.html"><img vspace="4" hspace="4" border="1" alt="" src="http://www.blogcdn.com/www.engadget.com/media/2009/03/keystroke-sniffing-cansecwest.jpg" /></a><br /></div>
Ah, the wonders of <a href="http://www.engadget.com/tag/CanSecWest/">CanSecWest</a>. The famed security conference has delivered yet again in 2009, this time bringing to light two simple <a href="http://www.engadget.com/2007/04/21/laptops-and-flat-panels-also-vulnerable-to-van-eck-eavesdropping/">sniffing</a> <a href="http://www.engadget.com/2006/06/05/wireless-camera-hunter-makes-spying-fun/">schemes</a> that could be used to decipher typed text when keyloggers are just too noticeable. Gurus from Inverse Path were on hand to explain the approaches, one of which involved around $80 of off-the-shelf gear. In short, curious individuals could point a laser on the reflective surface of a laptop between 50 feet and 100 feet away, and then by using a "handmade laser microphone device and a photo diode to measure the vibrations, software for analyzing the spectrograms of frequencies from different keystrokes, as well as technology to apply the data to a dictionary," words could be pretty easily guessed. The second method taps into power grid signals passed along from PS/2 keyboard outputs, and by using a digital oscilloscope and an analog-digital converter, those in the know can pick out tweets from afar. Check the read link for more, and make sure you close those blinds and pick up a USB keyboard, pronto.<br /><br />[Via <a href="http://it.slashdot.org/article.pl?sid=09/03/26/1947246&amp;from=rss">Slashdot</a>]<p>Filed under: <a href="http://www.engadget.com/category/gadgets/" rel="tag">Misc. Gadgets</a>, <a href="http://www.engadget.com/category/peripherals/" rel="tag">Peripherals</a></p><p style="padding:5px;background:#ddd;border:1px solid #ccc;clear:both;"><a href="http://www.engadget.com/2009/03/27/simple-keystroke-sniffing-schemes-work-where-keyloggers-wont/">Simple keystroke sniffing schemes work where keyloggers won't</a> originally appeared on <a href="http://www.engadget.com">Engadget</a> on Fri, 27 Mar 2009 09:01:00 EST.  
Please see our <a href="http://www.weblogsinc.com/feed-terms/">terms for use of feeds</a>.</p><h6 style="clear: both; padding: 8px 0 0 0; height: 2px; font-size: 1px; border: 0; margin: 0; padding: 0;"></h6><a href=http://news.zdnet.com/2100-9595_22-280184.html>Read</a>&nbsp;|&nbsp;<a href="http://www.engadget.com/2009/03/27/simple-keystroke-sniffing-schemes-work-where-keyloggers-wont/" rel="bookmark" title="Permanent link to this entry">Permalink</a>&nbsp;|&nbsp;<a href="http://www.engadget.com/forward/1499831/" title="Send this entry to a friend via email">Email this</a>&nbsp;|&nbsp;<a href="http://www.engadget.com/2009/03/27/simple-keystroke-sniffing-schemes-work-where-keyloggers-wont/#comments" title="View reader comments on this entry">Comments</a>]]></description><category>Andrea Barisani</category><category>AndreaBarisani</category><category>CanSecWest</category><category>dynamic time warping</category><category>DynamicTimeWarping</category><category>infrared</category><category>Inverse Path</category><category>InversePath</category><category>IR</category><category>keyboard</category><category>laser</category><category>oscilloscope</category><category>security</category><category>sniffing</category><category>spy</category><category>spying</category><category>typing</category><dc:creator><![CDATA[Darren Murph]]></dc:creator><pubDate>Fri, 27 Mar 2009 09:01:00 EST</pubDate></item><item><title><![CDATA[The Pwn2Own trifecta: Safari, IE 8, and Firefox exploited on day 1]]></title><link>http://www.engadget.com/2009/03/19/the-pwn2own-trifecta-safari-ie-8-and-firefox-exploited-on-day/</link><guid isPermaLink="true">http://www.engadget.com/2009/03/19/the-pwn2own-trifecta-safari-ie-8-and-firefox-exploited-on-day/</guid><comments>http://www.engadget.com/2009/03/19/the-pwn2own-trifecta-safari-ie-8-and-firefox-exploited-on-day/#comments</comments><description><![CDATA[<div align="center"><a 
href="http://dvlabs.tippingpoint.com/blog/2009/03/18/pwn2own-2009-day-1---safari-internet-explorer-and-firefox-taken-down-by-four-zero-day-exploits"><img vspace="4" hspace="4" border="1" src="http://www.blogcdn.com/www.engadget.com/media/2009/03/3367253540_1a1426eb42.jpg" alt="" /></a><br /></div>
That didn't take long. One day into the <a href="http://www.engadget.com/tag/pwn2own">Pwn2Own</a> hacking competition at CanSecWest and already Apple, Microsoft, and Mozilla have been sent packing to their respective labs to work on security issues in their browsers. In a repeat performance, <a href="http://www.engadget.com/tag/charlie%20miller">Charlie Miller</a> pocketed a $5,000 cash prize and a fully-patched MacBook by splitting it wide, and gaining full control of the device after a user clicked on his malicious link. Another white-hatter by the name of Nils (pictured) toppled Internet Explorer 8 running on a Windows 7 laptop -- again, the five grand and compromised VAIO P laptop are now his to keep as compensation for turning over the malicious code. So much for "<a href="http://www.engadget.com/2009/03/19/microsoft-set-to-release-internet-explorer-8-gold-today/">protection that no other browser can match</a>," eh Mr. Ballmer? Nils then demonstrated a second Safari exploit before hacking Firefox later in the afternoon, netting him a cool $15k by the close of day one. Only Google's Chrome was left unscathed -- Opera isn't part of the contest. This year's contest will also offer a $10,000 prize for every vulnerability successfully exploited in Windows Mobile, Android, Symbian, and the iPhone and BlackBerry OSes. In other words: this contest that runs through Friday isn't over by any stretch. <br /><br />[Via <a href="http://blogs.zdnet.com/security/?p=2934">ZDNET</a>]<p>Filed under: <a href="http://www.engadget.com/category/gadgets/" rel="tag">Misc. Gadgets</a></p><p style="padding:5px;background:#ddd;border:1px solid #ccc;clear:both;"><a href="http://www.engadget.com/2009/03/19/the-pwn2own-trifecta-safari-ie-8-and-firefox-exploited-on-day/">The Pwn2Own trifecta: Safari, IE 8, and Firefox exploited on day 1</a> originally appeared on <a href="http://www.engadget.com">Engadget</a> on Thu, 19 Mar 2009 05:59:00 EST.  
Please see our <a href="http://www.weblogsinc.com/feed-terms/">terms for use of feeds</a>.</p><h6 style="clear: both; padding: 8px 0 0 0; height: 2px; font-size: 1px; border: 0; margin: 0; padding: 0;"></h6><a href=http://dvlabs.tippingpoint.com/blog/2009/03/18/pwn2own-2009-day-1---safari-internet-explorer-and-firefox-taken-down-by-four-zero-day-exploits>Read</a>&nbsp;|&nbsp;<a href="http://www.engadget.com/2009/03/19/the-pwn2own-trifecta-safari-ie-8-and-firefox-exploited-on-day/" rel="bookmark" title="Permanent link to this entry">Permalink</a>&nbsp;|&nbsp;<a href="http://www.engadget.com/forward/1492416/" title="Send this entry to a friend via email">Email this</a>&nbsp;|&nbsp;<a href="http://www.engadget.com/2009/03/19/the-pwn2own-trifecta-safari-ie-8-and-firefox-exploited-on-day/#comments" title="View reader comments on this entry">Comments</a>]]></description><category>apple</category><category>cansecwest</category><category>chrome</category><category>exploit</category><category>firefox</category><category>google</category><category>hack</category><category>internet explorer</category><category>InternetExplorer</category><category>microsoft</category><category>mozilla</category><category>nils</category><category>pwn2own</category><category>safari</category><category>vulnerability</category><dc:creator><![CDATA[Thomas Ricker]]></dc:creator><pubDate>Thu, 19 Mar 2009 05:59:00 EST</pubDate></item><item><title><![CDATA[Linux becomes only OS to escape PWN 2 OWN unscathed]]></title><link>http://www.engadget.com/2008/03/29/linux-becomes-only-os-to-escape-pwn-2-own-unscathed/</link><guid isPermaLink="true">http://www.engadget.com/2008/03/29/linux-becomes-only-os-to-escape-pwn-2-own-unscathed/</guid><comments>http://www.engadget.com/2008/03/29/linux-becomes-only-os-to-escape-pwn-2-own-unscathed/#comments</comments><description><![CDATA[<div align="center"><a href="http://www.pcworld.com/article/id,143962-pg,1/article.html"><img vspace="4" hspace="4" border="1" alt="" 
src="http://www.blogcdn.com/www.engadget.com/media/2008/03/3-29-08-shane-macaulay.jpg" /></a><br /></div>
After a week full of Red Bulls, Fruit by the Foot and dreams of In-N-Out, the mighty Sony VAIO loaded with Linux stood as the only machine unhacked by the end of the <a href="http://www.engadget.com/2008/03/27/pwn-2-own-contest-lets-hackers-choose-vista-os-x-or-linux/">PWN 2 OWN hacking contest</a> at CanSecWest. As you're well aware by now, the MacBook Air on display was <a href="http://www.engadget.com/2008/03/27/pwn-2-own-over-macbook-air-gets-seized-in-2-minutes-flat/">seized in two minutes</a> by the presumably well prepared Charlie Miller, and after two full days of work, Shane Macaulay and a few of his 1337 associates managed to crack the Vista rig on Friday. Reportedly, Shane and his pals weren't expecting to do battle with the extra protected SP1 version of Vista, and while the exact loophole won't be divulged, we are told that it was a cross-platform bug that "took advantage of Java to circumvent Vista's security." In the end, it was reported that some folks on hand had discovered bugs in the Linux OS, but many of them "didn't want to put the work into developing the exploit code that would be required to win the contest."<br /><br />[Image courtesy of <a href="http://dvlabs.tippingpoint.com/blog/2008/03/28/pwn-to-own-final-day-and-wrap-up">TippingPoint</a>]<p>Filed under: <a href="http://www.engadget.com/category/laptops/" rel="tag">Laptops</a></p><p style="padding:5px;background:#ddd;border:1px solid #ccc;clear:both;"><a href="http://www.engadget.com/2008/03/29/linux-becomes-only-os-to-escape-pwn-2-own-unscathed/">Linux becomes only OS to escape PWN 2 OWN unscathed</a> originally appeared on <a href="http://www.engadget.com">Engadget</a> on Sat, 29 Mar 2008 14:48:00 EST.  
Please see our <a href="http://www.weblogsinc.com/feed-terms/">terms for use of feeds</a>.</p><h6 style="clear: both; padding: 8px 0 0 0; height: 2px; font-size: 1px; border: 0; margin: 0; padding: 0;"></h6><a href=http://www.pcworld.com/article/id,143962-pg,1/article.html>Read</a>&nbsp;|&nbsp;<a href="http://www.engadget.com/2008/03/29/linux-becomes-only-os-to-escape-pwn-2-own-unscathed/" rel="bookmark" title="Permanent link to this entry">Permalink</a>&nbsp;|&nbsp;<a href="http://www.engadget.com/forward/1152420/" title="Send this entry to a friend via email">Email this</a>&nbsp;|&nbsp;<a href="http://www.engadget.com/2008/03/29/linux-becomes-only-os-to-escape-pwn-2-own-unscathed/#comments" title="View reader comments on this entry">Comments</a>]]></description><category>cansecwest</category><category>hacker</category><category>hacking</category><category>linux</category><category>operating system</category><category>OperatingSystem</category><category>os</category><category>os x</category><category>OsX</category><category>pwn 2 own</category><category>Pwn2Own</category><category>vista</category><dc:creator><![CDATA[Darren Murph]]></dc:creator><pubDate>Sat, 29 Mar 2008 14:48:00 EST</pubDate></item><item><title><![CDATA[PWN 2 OWN over: MacBook Air gets seized in 2 minutes flat]]></title><link>http://www.engadget.com/2008/03/27/pwn-2-own-over-macbook-air-gets-seized-in-2-minutes-flat/</link><guid isPermaLink="true">http://www.engadget.com/2008/03/27/pwn-2-own-over-macbook-air-gets-seized-in-2-minutes-flat/</guid><comments>http://www.engadget.com/2008/03/27/pwn-2-own-over-macbook-air-gets-seized-in-2-minutes-flat/#comments</comments><description><![CDATA[<div align="center"><a href="http://news.yahoo.com/s/infoworld/20080327/tc_infoworld/96676"><img vspace="4" hspace="4" border="0" src="http://www.blogcdn.com/www.engadget.com/media/2008/03/3-27-08-mba_pwned.jpg" alt="" /></a><br /></div>
And just think -- last year you were singing Dino Dai Zovi's praises for taking control of a MacBook Pro in <a href="http://www.engadget.com/2007/04/22/safari-browser-exploit-produced-within-9-hours-in-hacking-compet/">nine whole hours</a>. This year, the <a href="http://www.engadget.com/2008/03/27/pwn-2-own-contest-lets-hackers-choose-vista-os-x-or-linux/">PWN 2 OWN hacking competition</a> at CanSecWest was over nearly as quickly as the second day started, as famed iPhone hacker Charlie Miller showed the MacBook Air on display who its father really was. Apparently Mr. Miller visited a website which contained his exploit code (presumably via a crossover cable connected to a <a href="http://dvlabs.tippingpoint.com/blog/2008/03/27/day-two-of-cansecwest-pwn-to-own---we-have-our-first-official-winner-with-picture">nearby MacBook</a>), which then "allowed him to seize control of the computer, as about 20 onlookers [read: unashamed nerds] cheered him on." Of note, contestants could only use software that came pre-loaded on the OS, so obviously it was <a href="http://www.engadget.com/2007/07/23/safari-exploit-gives-hackers-full-control-of-your-iphone/">Safari</a> that fell victim here. Nevertheless, he was forced to sign a nondisclosure agreement that'll keep him quiet until "TippingPoint can notify the vendor," but at least he'll have $10,000 and a new laptop to cuddle with during his silent spell.<p>Filed under: <a href="http://www.engadget.com/category/laptops/" rel="tag">Laptops</a></p><p style="padding:5px;background:#ddd;border:1px solid #ccc;clear:both;"><a href="http://www.engadget.com/2008/03/27/pwn-2-own-over-macbook-air-gets-seized-in-2-minutes-flat/">PWN 2 OWN over: MacBook Air gets seized in 2 minutes flat</a> originally appeared on <a href="http://www.engadget.com">Engadget</a> on Thu, 27 Mar 2008 17:57:00 EST.  
Please see our <a href="http://www.weblogsinc.com/feed-terms/">terms for use of feeds</a>.</p><h6 style="clear: both; padding: 8px 0 0 0; height: 2px; font-size: 1px; border: 0; margin: 0; padding: 0;"></h6><a href=http://news.yahoo.com/s/infoworld/20080327/tc_infoworld/96676>Read</a>&nbsp;|&nbsp;<a href="http://www.engadget.com/2008/03/27/pwn-2-own-over-macbook-air-gets-seized-in-2-minutes-flat/" rel="bookmark" title="Permanent link to this entry">Permalink</a>&nbsp;|&nbsp;<a href="http://www.engadget.com/forward/1151047/" title="Send this entry to a friend via email">Email this</a>&nbsp;|&nbsp;<a href="http://www.engadget.com/2008/03/27/pwn-2-own-over-macbook-air-gets-seized-in-2-minutes-flat/#comments" title="View reader comments on this entry">Comments</a>]]></description><category>apple</category><category>CanSecWest</category><category>charlie miller</category><category>CharlieMiller</category><category>Dino Dai Zovi</category><category>DinoDaiZovi</category><category>exploit</category><category>hack</category><category>hacker</category><category>linux</category><category>macbook air</category><category>MacbookAir</category><category>operating system</category><category>os</category><category>os x</category><category>OsX</category><category>PWN 2 OWN</category><category>Pwn2Own</category><category>safari</category><category>safari exploit</category><category>SafariExploit</category><category>vista</category><category>windows</category><category>winner</category><dc:creator><![CDATA[Darren Murph]]></dc:creator><pubDate>Thu, 27 Mar 2008 17:57:00 EST</pubDate></item><item><title><![CDATA[PWN 2 OWN contest lets hackers choose Vista, OS X or Linux]]></title><link>http://www.engadget.com/2008/03/27/pwn-2-own-contest-lets-hackers-choose-vista-os-x-or-linux/</link><guid 
isPermaLink="true">http://www.engadget.com/2008/03/27/pwn-2-own-contest-lets-hackers-choose-vista-os-x-or-linux/</guid><comments>http://www.engadget.com/2008/03/27/pwn-2-own-contest-lets-hackers-choose-vista-os-x-or-linux/#comments</comments><description><![CDATA[<a href="http://news.yahoo.com/s/macworld/20080327/tc_macworld/hackersuperbowlpitsmacosvslinuxvista"><img vspace="16" hspace="4" border="1" align="right" src="http://www.blogcdn.com/www.engadget.com/media/2008/03/3-27-08-pwn2own-hacker.jpg"  alt="" /></a>Last year's PWN 2 OWN contest at the CanSecWest security conference went over way better than expected (read: <a href="http://www.engadget.com/2007/04/22/safari-browser-exploit-produced-within-9-hours-in-hacking-compet/">exploits were glorified</a>), so this year, organizers have spiced things up by letting hackers have their way with three separate machines. The Linux, OS X and Vista-based rigs were all set up as similarly as possible in order to "make sure the attack surface was the same on all of them." For attendees in Vancouver, there sits a $20,000 top prize -- which dwindles with each passing day as restrictions on attacks ease up -- but it can only be acquired if an all new zero-day cyber roundhouse kick is used. Anyone here going to give it a go? You get to keep the freshly victimized laptop too, you know.<p>Filed under: <a href="http://www.engadget.com/category/laptops/" rel="tag">Laptops</a></p><p style="padding:5px;background:#ddd;border:1px solid #ccc;clear:both;"><a href="http://www.engadget.com/2008/03/27/pwn-2-own-contest-lets-hackers-choose-vista-os-x-or-linux/">PWN 2 OWN contest lets hackers choose Vista, OS X or Linux</a> originally appeared on <a href="http://www.engadget.com">Engadget</a> on Thu, 27 Mar 2008 09:40:00 EST.  
Please see our <a href="http://www.weblogsinc.com/feed-terms/">terms for use of feeds</a>.</p><h6 style="clear: both; padding: 8px 0 0 0; height: 2px; font-size: 1px; border: 0; margin: 0; padding: 0;"></h6><a href=http://news.yahoo.com/s/macworld/20080327/tc_macworld/hackersuperbowlpitsmacosvslinuxvista>Read</a>&nbsp;|&nbsp;<a href="http://www.engadget.com/2008/03/27/pwn-2-own-contest-lets-hackers-choose-vista-os-x-or-linux/" rel="bookmark" title="Permanent link to this entry">Permalink</a>&nbsp;|&nbsp;<a href="http://www.engadget.com/forward/1150507/" title="Send this entry to a friend via email">Email this</a>&nbsp;|&nbsp;<a href="http://www.engadget.com/2008/03/27/pwn-2-own-contest-lets-hackers-choose-vista-os-x-or-linux/#comments" title="View reader comments on this entry">Comments</a>]]></description><category>CanSecWest</category><category>hack</category><category>hacker</category><category>linux</category><category>operating system</category><category>OperatingSystem</category><category>os</category><category>os x</category><category>OsX</category><category>vista</category><category>windows</category><dc:creator><![CDATA[Darren Murph]]></dc:creator><pubDate>Thu, 27 Mar 2008 09:40:00 EST</pubDate></item><item><title><![CDATA[Safari browser exploit produced within 9 hours in hacking competition]]></title><link>http://www.engadget.com/2007/04/22/safari-browser-exploit-produced-within-9-hours-in-hacking-compet/</link><guid isPermaLink="true">http://www.engadget.com/2007/04/22/safari-browser-exploit-produced-within-9-hours-in-hacking-compet/</guid><comments>http://www.engadget.com/2007/04/22/safari-browser-exploit-produced-within-9-hours-in-hacking-compet/#comments</comments><description><![CDATA[<a href="http://news.com.com/2100-7349_3-6178131.html"><img vspace="4" hspace="4" border="1" align="right" alt="" src="http://www.blogcdn.com/www.engadget.com/media/2007/04/machacker_210x158.jpg" /></a>Shane Macaulay and Dino Dai Zovi, a software engineer and security 
researcher taking part in the brilliantly named "PWN to Own" Hack-a-Mac contest at the CanSecWest conference in Vancouver, managed to hack into and take control of <a href="http://www.engadget.com/tag/mac">a MacBook</a> by finding <a href="http://www.engadget.com/search/?q=zero%20day%20exploit">a security exploit</a> that takes advantage of an open Safari browser window. Shane and his teammate Dino won the prize of a brand new MacBook -- presumably loaded with Firefox or some other browser variant -- for managing to find the hole on the second and final day of the contest. The hack wasn't exactly a breeze, since the pair admitted to a total of 9 hours in order to find and exploit the weakness. Apple has patched OS X four times over the last year to fix dozens of security issues, and only regurgitated the corporate line when asked for comment on this particular vulnerability. ("Apple takes security very seriously", well duh!) Even with <a href="http://www.engadget.com/2007/03/02/infamous-macbook-wifi-hack-demonstrated-dubious-code-to-go-publ/">the recent arousal of interest</a> in Mac OS security, the world has yet to see any kind of exploit released into the wild world web; when / if one does, we'd probably expect the most damaging exploit to use good ol' social engineering rather than a complicated hack like this. 
Still, Mac users should take some form of satisfaction from knowing that the issue of <a href="http://www.engadget.com/tag/security">Mac security</a> is being investigated, rather than being taken for granted.<p>Filed under: <a href="http://www.engadget.com/category/desktops/" rel="tag">Desktops</a>, <a href="http://www.engadget.com/category/laptops/" rel="tag">Laptops</a></p><p style="padding:5px;background:#ddd;border:1px solid #ccc;clear:both;"><a href="http://www.engadget.com/2007/04/22/safari-browser-exploit-produced-within-9-hours-in-hacking-compet/">Safari browser exploit produced within 9 hours in hacking competition</a> originally appeared on <a href="http://www.engadget.com">Engadget</a> on Sun, 22 Apr 2007 04:35:00 EST.  Please see our <a href="http://www.weblogsinc.com/feed-terms/">terms for use of feeds</a>.</p><h6 style="clear: both; padding: 8px 0 0 0; height: 2px; font-size: 1px; border: 0; margin: 0; padding: 0;"></h6><a href=http://news.com.com/2100-7349_3-6178131.html>Read</a>&nbsp;|&nbsp;<a href="http://www.engadget.com/2007/04/22/safari-browser-exploit-produced-within-9-hours-in-hacking-compet/" rel="bookmark" title="Permanent link to this entry">Permalink</a>&nbsp;|&nbsp;<a href="http://www.engadget.com/forward/879548/" title="Send this entry to a friend via email">Email this</a>&nbsp;|&nbsp;<a href="http://www.engadget.com/2007/04/22/safari-browser-exploit-produced-within-9-hours-in-hacking-compet/#comments" title="View reader comments on this entry">Comments</a>]]></description><category>Apple</category><category>cansecwest</category><category>Hack</category><category>hacked</category><category>Mac</category><category>MacBook</category><category>os x</category><category>OsX</category><category>PWN 2 OWN</category><category>Pwn2Own</category><category>safari</category><category>safari exploit</category><category>SafariExploit</category><category>Security</category><dc:creator><![CDATA[Conrad Quilty-Harper]]></dc:creator><pubDate>Sun, 22 Apr 
2007 04:35:00 EST</pubDate></item></channel></rss>
