Free Republic
Browse · Search
General/Chat
Topics · Post Article

Skip to comments.

The Pwn2Own trifecta: Safari, IE 8, and Firefox exploited on day 1
Engadget ^ | 19 Mar 2010 | Thomas Ricker

Posted on 03/25/2010 1:17:18 PM PDT by for-q-clinton

That didn't take long. One day into the Pwn2Own hacking competition at CanSecWest and already Apple, Microsoft, and Mozilla have been sent packing to their respective labs to work on security issues in their browsers. In a repeat performance, Charlie Miller pocketed a $5,000 cash prize and a fully-patched MacBook by splitting it wide, and gaining full control of the device after a user clicked on his malicious link. Another white-hatter by the name Nils (pictured) toppled Internet Explorer 8 running on a Windows 7 laptop -- again, the five grand and compromised VAIO P laptop are now his to keep as compensation for turning over the malicious code. So much for "protection that no other browser can match," eh Mr. Ballmer? Nils then demonstrated a second Safari exploit before hacking Firefox later in the afternoon netting him a cool $15k by the close of day one. Only Google's Chrome was left unscathed -- Opera isn't part of the contest. This year's contest will also offer a $10,000 prize for every vulnerability successfully exploited in Windows Mobile, Android, Symbian, and the iPhone and BlackBerry OSes. In other words: this contest that runs through Friday isn't over by any stretch.


TOPICS: Computers/Internet
KEYWORDS: hacked; ie8; mozilla; safari
Hmmmm....I thought it was only IE8 that was insecure.
1 posted on 03/25/2010 1:17:18 PM PDT by for-q-clinton
[ Post Reply | Private Reply | View Replies]

To: ShadowAce

Ping.


2 posted on 03/25/2010 1:17:36 PM PDT by for-q-clinton (If at first you don't succeed keep on sucking until you do succeed)
[ Post Reply | Private Reply | To 1 | View Replies]

To: for-q-clinton

Apple Heads in 3-2-1


3 posted on 03/25/2010 1:19:32 PM PDT by jessduntno (B. Hussein Obama...I look at him and think, in the words of Biden, "Big F***ing deal.")
[ Post Reply | Private Reply | To 1 | View Replies]

To: for-q-clinton

An equal distribution of humble pie.


4 posted on 03/25/2010 1:21:03 PM PDT by Repeal 16-17 (Let me know when the Shooting starts.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: for-q-clinton

Chrome baby! - - I still don’t think I want it.

Firefox with NoScript should be good enough for the average user.


5 posted on 03/25/2010 1:21:06 PM PDT by smokingfrog (You can't ignore your boss and expect to keep your job... WWW.filipthishouse2010.com)
[ Post Reply | Private Reply | To 1 | View Replies]

To: jessduntno

You think? I bet most stay away until they can try to refute and downplay this exploit.

With things like, but Windows has more vulnerabilities and no one would do what is required to get the safari exploit to work (like it requires pushing the right mouse button...and we all know Mac users are too dumb to know how to use a right mouse button). BTW: That was Steve Jobs position on a right mouse button for years.


6 posted on 03/25/2010 1:21:18 PM PDT by for-q-clinton (If at first you don't succeed keep on sucking until you do succeed)
[ Post Reply | Private Reply | To 3 | View Replies]

To: smokingfrog

Chrome was unavailable for testing because they made a last minute patch that would not have given the hackers an equal amount of preparation time as they had on the other browsers and nobody cares about Opera so nobody tried.


7 posted on 03/25/2010 1:30:55 PM PDT by aft_lizard (Barack Obama is Hugo Chavez's poodle.)
[ Post Reply | Private Reply | To 5 | View Replies]

To: rdb3; Calvinist_Dark_Lord; GodGunsandGuts; CyberCowboy777; Salo; Bobsat; JosephW; ...

8 posted on 03/25/2010 1:32:41 PM PDT by ShadowAce (Linux -- The Ultimate Windows Service Pack)
[ Post Reply | Private Reply | To 1 | View Replies]

To: jessduntno
Hackers finally had incentive to bust the notion that the Apple OS is invulnerable ... a cash prize!
9 posted on 03/25/2010 1:34:30 PM PDT by dartuser ("Palin 2012 ... nothing else will do.")
[ Post Reply | Private Reply | To 3 | View Replies]

To: aft_lizard

See what happens when you don’t read the article.

Maybe that’s a good case for using Opera? (Hackers not interested in spending the time to hack it.)


10 posted on 03/25/2010 1:34:57 PM PDT by smokingfrog (You can't ignore your boss and expect to keep your job... WWW.filipthishouse2010.com)
[ Post Reply | Private Reply | To 7 | View Replies]

To: aft_lizard

Doesn’t Chrome run off of WebKit?
http://en.wikipedia.org/wiki/Google_Chrome

If Safari was hacked, then likely Chrome would be too


11 posted on 03/25/2010 1:38:59 PM PDT by HangnJudge
[ Post Reply | Private Reply | To 7 | View Replies]

To: for-q-clinton

Hahahaha...you are probly right.

A little off topic:

Has the Army of Northern Virginia started to reform yet?


12 posted on 03/25/2010 1:45:40 PM PDT by jessduntno (B. Hussein Obama...I look at him and think, in the words of Biden, "Big F***ing deal.")
[ Post Reply | Private Reply | To 6 | View Replies]

To: for-q-clinton; Swordmaker
When there are valid and verifiable criticisms of Mac, this Mac user is always happy to read of it. (If this hack is real and Mac improves its security (and the others as well) its a good thing.

"...and we all know Mac users are too dumb to know how to use a right mouse button). "

Your posting history reveals a common thread of baiting Mac users.

I need some vitriol in this thread!" You have good posts on politics. But your trolling on Macs is revolting.

Did you have to take a class to become such a jerkwad, crap-mouthed D-bag, or did it just come naturally?

(: >)

13 posted on 03/25/2010 1:52:10 PM PDT by Yehuda (Land of the free, THANKS TO THE BRAVE!)
[ Post Reply | Private Reply | To 6 | View Replies]

To: for-q-clinton
we all know Mac users are too dumb to know how to use a right mouse button

You know, I wouldn't brag about needing two buttons to do what I can do with only one.

14 posted on 03/25/2010 1:56:03 PM PDT by Izzy Dunne (Hello, I'm a TAGLINE virus. Please help me spread by copying me into YOUR tag line.)
[ Post Reply | Private Reply | To 6 | View Replies]

To: Yehuda
Did you have to take a class to become such a jerkwad, crap-mouthed D-bag, or did it just come naturally?

I see you are in 101 version of that class based on your attempt to trash talk. Let me know what you graduate because your current attempts to be cool at trashtalking and a jerkwad are too juvenile to warrant a decent response from me. You may want to engage Steve Jobs if you think my comment upset you about the right mouse button.

15 posted on 03/25/2010 1:57:47 PM PDT by for-q-clinton (If at first you don't succeed keep on sucking until you do succeed)
[ Post Reply | Private Reply | To 13 | View Replies]

To: Izzy Dunne

Then why did Mac add a 2nd mouse button? Either their users magically got a lot smarter or the OS had to evolve past something you can by at Toys R Us.


16 posted on 03/25/2010 1:58:45 PM PDT by for-q-clinton (If at first you don't succeed keep on sucking until you do succeed)
[ Post Reply | Private Reply | To 14 | View Replies]

To: Yehuda

And by the way...thanks for trying to bringing some vitriol to the thread. But still not what is bound to eventually come once the Apple lovers get their commune to come together on an answer to these exploits. That’s when the good stuff will come.

Grab some popcorn...it should be fun to watch.


17 posted on 03/25/2010 2:03:42 PM PDT by for-q-clinton (If at first you don't succeed keep on sucking until you do succeed)
[ Post Reply | Private Reply | To 13 | View Replies]

To: Yehuda

I once say a trash-talking tirade on this forum
that went on for pages.

It made me feel like such an inferior piker


18 posted on 03/25/2010 2:05:20 PM PDT by HangnJudge
[ Post Reply | Private Reply | To 13 | View Replies]

To: for-q-clinton

“I see you are in 101 version of that class”

As I suspected, you overpaid for your lessons.

“You may want to engage Steve Jobs “

Engage THIS, troll.


19 posted on 03/25/2010 2:08:43 PM PDT by Yehuda (Land of the free, THANKS TO THE BRAVE!)
[ Post Reply | Private Reply | To 15 | View Replies]

To: for-q-clinton
It can't be more fun than the
Unix geeks ganging up in SlashDot

The Mac / Windows / Google / etc. bashing
comments on this forum are pitifully derivative

20 posted on 03/25/2010 2:10:06 PM PDT by HangnJudge
[ Post Reply | Private Reply | To 17 | View Replies]

Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.

Free Republic
Browse · Search
General/Chat
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson