Saturday, March 29, 2008

MacBook Air Hijacked at a Hacker Contest within 2 Minutes...

Few weeks back I read this article about the CanSecWest hacking contest and I said ...pfff... hmmm... why we don't have these contests in India...?[Microsoft Security Shootout was a nice try in 2006 though...] anywayz, and recently in one of my RSS feed, I got this news, that MacBook Air[Poor thing...was on...solid diet.. I guess..maybe just Air...:D] got hijacked in less than two minutes at the CanSecWest contest by security researcher Charlie Miller [a well-known hacker who was among the first to break into the iPhone]. The other two contenders[The Hardware.. I am talking about here] were VAIO VGN-TZ37CN running Ubuntu 7.10 and a Fujitsu U810 running Windows Vista Ultimate SP1[Hmmm... now I guess.. I know why there was the delay in releasing the SP1] are standing still so far...let's see what happens to them.

For the tech-freaks, the first day of the contest saw contestants trying really hard to break into the laptops over the network; looking for a loophole in the OS itself, and nobody could do it. So on the second day, according to the contest rules, contestants directed organizers to specially crafted Web pages[With not-so-sweet surprise hidden in them :)]. Miller was real quick, in less than 2 minutes, he could get into the MacBook by directing the user to his web page containing magic beans[:P]. And yes.. MacBook did spill the beans..but you know... what? Safari is said to be the culprit here.. and now I understand why Mozilla CEO's rear end was not too happy about Apple Pushing Safari to the end users with iTunes. Check his semi-regular stream of unconsciousness[Dude...get a name...:P]..here..Oh..he was worried about the end user's security and blah .. blah.. blah..I would suggest all the Dirty Brown Fox Lovers to go and check http://www.mozilla.org/projects/security/known-vulnerabilities.html#Firefox.