Overclock.net › Forums › Industry News › Software News › [Engadget]PWN 2 OWN Over!
New Posts  All Forums:Forum Nav:

[Engadget]PWN 2 OWN Over! - Page 5

post #41 of 64
Quote:
Originally Posted by jdub01984 View Post
Regardless if the guy who won this thing spent 20 years creating his script, it took only a few minutes to exploit the system.

All you need is some hotey-tottey cool-guy sipping his double machiatto at starbucks to click a link and have his system compromised.

After going on for years how secure and bullet proof their OS is, I see this as an epic fail for Apple.
QTF
OC in progress...
(13 items)
 
  
CPUMotherboardGraphicsRAM
PII x3 720 BE @3.8ghz TA790gx 128m GTS 250 @ 800/1944/1230 2gb Gskill DDR2 1066 
OSPowerCase
W7/xp Corsair 400CX CM Mystique 
  hide details  
Reply
OC in progress...
(13 items)
 
  
CPUMotherboardGraphicsRAM
PII x3 720 BE @3.8ghz TA790gx 128m GTS 250 @ 800/1944/1230 2gb Gskill DDR2 1066 
OSPowerCase
W7/xp Corsair 400CX CM Mystique 
  hide details  
Reply
post #42 of 64
Quote:
Originally Posted by Lelouch View Post
Its only for Safari.

Note, there really arnt many exploits that let you gain control of Mac OSX out there, that you actually HACK the OS. Its all from software exploits.

But of course, just about no one on this forum will realize this, and now think they have some sort of leverage to use against mac "people"..
Well, the software does come preinstalled and most people use it... so it's like back when IE was much more popular "well, it's not Windows but Word" well... you can see the problem with that argument.
Immortal
(13 items)
 
  
CPUMotherboardGraphicsRAM
E6600 44G 3.240GHz Asus P5B-deluxe eVGA 8800GT (650/950) 2GB PQIturbomem 667(800mhzballistix soon) 
Hard DriveOptical DriveOSMonitor
1x 400GB Seagate 7200rpm/16mb cache Some super combo drive Windows XP Home/Ubuntu NEC MultiSync LCD1970GX 
KeyboardPowerCaseMouse
Logitech cordless 610w PCP&C silencer TTArmor w/side fan G7 
Mouse Pad
Black IcematII 
  hide details  
Reply
Immortal
(13 items)
 
  
CPUMotherboardGraphicsRAM
E6600 44G 3.240GHz Asus P5B-deluxe eVGA 8800GT (650/950) 2GB PQIturbomem 667(800mhzballistix soon) 
Hard DriveOptical DriveOSMonitor
1x 400GB Seagate 7200rpm/16mb cache Some super combo drive Windows XP Home/Ubuntu NEC MultiSync LCD1970GX 
KeyboardPowerCaseMouse
Logitech cordless 610w PCP&C silencer TTArmor w/side fan G7 
Mouse Pad
Black IcematII 
  hide details  
Reply
post #43 of 64
The only thing I get from all this whole issue is the fact that stupidity will get rewarded... if your carefull then nobody will take your collection of porn from your PC...
po-ta-toe
(15 items)
 
  
CPUMotherboardGraphicsRAM
Intel Core i7 2600 DH67CL Radeon HD 6850 Mix-a-match 
Hard DriveHard DriveHard DriveOptical Drive
Samsung 850 EVO Western Digital Blue Western Digital Green LG Multi-write DVD-ROM 
CoolingOSMonitorKeyboard
Cooler Master Hyper 212 EVO *nix Samsung TV Steelseries 6Gv2 
PowerCaseMouse
No name 550kW Circle Steelseries Sensei 
  hide details  
Reply
po-ta-toe
(15 items)
 
  
CPUMotherboardGraphicsRAM
Intel Core i7 2600 DH67CL Radeon HD 6850 Mix-a-match 
Hard DriveHard DriveHard DriveOptical Drive
Samsung 850 EVO Western Digital Blue Western Digital Green LG Multi-write DVD-ROM 
CoolingOSMonitorKeyboard
Cooler Master Hyper 212 EVO *nix Samsung TV Steelseries 6Gv2 
PowerCaseMouse
No name 550kW Circle Steelseries Sensei 
  hide details  
Reply
post #44 of 64
more companies should do this.. security firms often don't have the skills of "true" hackers who are willing to reveal secrets for a price
Needs More Red
(20 items)
 
  
CPUMotherboardGraphicsRAM
i7 3770k Asrock Z77 Extreme4 Gigabyte Windforce 290X OC 4GB Samsung DDR3-1600 Low Voltage 
RAMHard DriveHard DriveHard Drive
4GB Samsung DDR3-1600 Low Voltage 1TB Samsung F3 2TB Samsung F4 OCZ Agility 3 256GB 
Optical DriveOptical DriveCoolingOS
Samsung 24x DVD+-RW Lite-On 12x Bluray Burner Coolermaster Hyper 212 EVO Windows 8.1 Pro x64 
MonitorPowerCaseMouse
Yamakasi Catleap Q270 Antec TruePower 850W Thermaltake V4 Black Logitech G400s 
Mouse PadAudioAudio
Steelseries QCK Ultrasone Pro 900 Fiio E17 
  hide details  
Reply
Needs More Red
(20 items)
 
  
CPUMotherboardGraphicsRAM
i7 3770k Asrock Z77 Extreme4 Gigabyte Windforce 290X OC 4GB Samsung DDR3-1600 Low Voltage 
RAMHard DriveHard DriveHard Drive
4GB Samsung DDR3-1600 Low Voltage 1TB Samsung F3 2TB Samsung F4 OCZ Agility 3 256GB 
Optical DriveOptical DriveCoolingOS
Samsung 24x DVD+-RW Lite-On 12x Bluray Burner Coolermaster Hyper 212 EVO Windows 8.1 Pro x64 
MonitorPowerCaseMouse
Yamakasi Catleap Q270 Antec TruePower 850W Thermaltake V4 Black Logitech G400s 
Mouse PadAudioAudio
Steelseries QCK Ultrasone Pro 900 Fiio E17 
  hide details  
Reply
post #45 of 64
Quote:
Originally Posted by cgrado View Post
Well, the software does come preinstalled and most people use it... so it's like back when IE was much more popular "well, it's not Windows but Word" well... you can see the problem with that argument.
Just a side note: Safari isn't integrated into OSX like IE is integrated into windows. You don't have to use Safari ever if you don't want to.

Edit: but apparently it was enough for the hacker to gain complete control lol
post #46 of 64
Quote:
Originally Posted by jdub01984 View Post
Regardless if the guy who won this thing spent 20 years creating his script, it took only a few minutes to exploit the system.

All you need is some hotey-tottey cool-guy sipping his double machiatto at starbucks to click a link and have his system compromised.

After going on for years how secure and bullet proof their OS is, I see this as an epic fail for Apple.
The OS wasnt hacked, an application was. Also, Mac's cannot get a true virus, something windows cant say. Why? Because viruses have to self replicate, they cannot do it without the users permission in OSX because of Unix.

There is a difference in exploiting and application, and hacking the OS. Exploits on applications can happen through anything. Remember (or maybe not) all the problems with MS office where documents would be opened but create a security hole for hackers. Or maybe how Internet Explorer was also so susceptible to getting hacking and getting viruses..

Point is, if the person used Firefox, then most likely the system would not have been hacked . And expect a patch soon.
> Scotland
(13 items)
 
  
CPUMotherboardGraphicsRAM
AMD Phenom II X4 965 BE ASUS M4A89GTD 9600GT OC G.SKILL Ripjaws 4GB 
Hard DriveOptical DriveOSMonitor
1TB WD Cavier Black Lite-On SATA DVD+RW Windows 7 Professional Samsung BX2335 + Samsung 2253BW 
KeyboardPowerCaseMouse
Microsoft FSP FX600-GLN-E Aspire X-Cruiser Razer Diamondback 3G 
Mouse Pad
Wacom Intuios 4 Medium 
  hide details  
Reply
> Scotland
(13 items)
 
  
CPUMotherboardGraphicsRAM
AMD Phenom II X4 965 BE ASUS M4A89GTD 9600GT OC G.SKILL Ripjaws 4GB 
Hard DriveOptical DriveOSMonitor
1TB WD Cavier Black Lite-On SATA DVD+RW Windows 7 Professional Samsung BX2335 + Samsung 2253BW 
KeyboardPowerCaseMouse
Microsoft FSP FX600-GLN-E Aspire X-Cruiser Razer Diamondback 3G 
Mouse Pad
Wacom Intuios 4 Medium 
  hide details  
Reply
post #47 of 64
Quote:
Originally Posted by Lelouch View Post
The OS wasnt hacked, an application was. Also, Mac's cannot get a true virus, something windows cant say. Why? Because viruses have to self replicate, they cannot do it without the users permission in OSX because of Unix.

There is a difference in exploiting and application, and hacking the OS. Exploits on applications can happen through anything. Remember (or maybe not) all the problems with MS office where documents would be opened but create a security hole for hackers. Or maybe how Internet Explorer was also so susceptible to getting hacking and getting viruses..

Point is, if the person used Firefox, then most likely the system would not have been hacked . And expect a patch soon.
The OS had nothing on it other then the software that comes with it. Your point is invalid. Also Windows Vista now has a similar "root access" (called admin access in Vista) system as Unix. In addition they do get true viruses, they can replicate, they can do everything Windows viruses can. Security flaws allow then to do this without always asking the user's permission even then they can probably get it other ways.

Viruses exist in every operating system, it is just how it is.
Lee XT
(17 items)
 
  
CPUMotherboardGraphicsRAM
AMD FX-6300 Asus M5A97 SAPPHIRE Radeon HD 7850 AMD 4GB DDR3 1333MHZ 
RAMRAMRAMHard Drive
AMD 4GB DDR3 1333MHZ AMD 4GB DDR3 1333MHZ AMD 4GB DDR3 1333MHZ OCZ Vertex 4 256GB 
CoolingOSMonitorKeyboard
Corsair H80 Windows 8.1 Pro MCE Dell P2414H WHXV7  Microsoft Generic 
PowerCaseMouseMouse Pad
Ultra 600W Limited Edition NZXT Black Steel Razer Deathadder Razer Goliath 
Audio
Realtek HD Audio 
  hide details  
Reply
Lee XT
(17 items)
 
  
CPUMotherboardGraphicsRAM
AMD FX-6300 Asus M5A97 SAPPHIRE Radeon HD 7850 AMD 4GB DDR3 1333MHZ 
RAMRAMRAMHard Drive
AMD 4GB DDR3 1333MHZ AMD 4GB DDR3 1333MHZ AMD 4GB DDR3 1333MHZ OCZ Vertex 4 256GB 
CoolingOSMonitorKeyboard
Corsair H80 Windows 8.1 Pro MCE Dell P2414H WHXV7  Microsoft Generic 
PowerCaseMouseMouse Pad
Ultra 600W Limited Edition NZXT Black Steel Razer Deathadder Razer Goliath 
Audio
Realtek HD Audio 
  hide details  
Reply
post #48 of 64
Quote:
Originally Posted by Lelouch View Post
The OS wasnt hacked, an application was. Also, Mac's cannot get a true virus, something windows cant say. Why? Because viruses have to self replicate, they cannot do it without the users permission in OSX because of Unix.

There is a difference in exploiting and application, and hacking the OS. Exploits on applications can happen through anything. Remember (or maybe not) all the problems with MS office where documents would be opened but create a security hole for hackers. Or maybe how Internet Explorer was also so susceptible to getting hacking and getting viruses..

Point is, if the person used Firefox, then most likely the system would not have been hacked . And expect a patch soon.
os was hacked via safari, he didn't get complete control of safari
Sunfire
(13 items)
 
  
CPUMotherboardGraphicsRAM
E6300 @3.1 ASUS P5B Galaxy 8800gt 512 4gb g skill pc8000+ 4gb 6400 ballistix 
Hard DriveOptical DriveOSMonitor
500gb+640gb LG super multi Vista home premium 64bit Dell S2309W 
KeyboardPowerCaseMouse
Logitech G15 Corsair HX520 Antec P182 G5 
Mouse Pad
Steelseries pad 
  hide details  
Reply
Sunfire
(13 items)
 
  
CPUMotherboardGraphicsRAM
E6300 @3.1 ASUS P5B Galaxy 8800gt 512 4gb g skill pc8000+ 4gb 6400 ballistix 
Hard DriveOptical DriveOSMonitor
500gb+640gb LG super multi Vista home premium 64bit Dell S2309W 
KeyboardPowerCaseMouse
Logitech G15 Corsair HX520 Antec P182 G5 
Mouse Pad
Steelseries pad 
  hide details  
Reply
post #49 of 64
Quote:
Originally Posted by The Hundred Gunner View Post
No one said anything about that?

I said how are you going to use this as a meter when there are no controls to make this an actual "experiment?"
I read you're post wrong. To me at first it looked like you were trying to defend the macbook.
Nemesis NE-α
(15 items)
 
   
CPUMotherboardGraphicsRAM
Intel Core i7 4790k (Devil's Canyon) AsRock Z97 Extreme 4 Visiontek AMD 6990 Corsair XMS3 DDR3 1600 
Hard DriveCoolingOSMonitor
Samsung EVO 840 XSPC Raystorm Windows 8.1 Dell U2311H 1920x1080 IPS 
MonitorMonitorKeyboardPower
Dell U2311H 1920x1080 IPS Dell U2311H 1920x1080 IPS Ducky Blue Overclock.net Themed Mechanical Keyb... Corsair Silver 1kw  
CaseMouseAudio
Case Labs TH10 Logitech G502 Logitech 5.1 speakers w/ Onkyo Receiver 
CPUMotherboardGraphicsRAM
Intel Xeon W3520 i7 4.0ghz EVGA X58 Classified Visiontek 6990 GSkill 6GB DDR3 Pi 
Hard DriveOptical DriveOSMonitor
2x OCZ Vertex 60GB SSD ; 2x 1TB ; 2x 2TB Samsung BluRay Burner Windows 7 Ultimate 64x 3x Dell U2311H 23" 1080p IPS 
KeyboardPowerCaseMouse
Logitech G15 Gaming Keyboard SilverStone Strider 1000w Modular Power Supply Lian Li V2000 Plus Logitech G9 Gaming Laser Mouse 
Mouse Pad
Cyba Sniper Tracer (Acrylic Glass) 
  hide details  
Reply
Nemesis NE-α
(15 items)
 
   
CPUMotherboardGraphicsRAM
Intel Core i7 4790k (Devil's Canyon) AsRock Z97 Extreme 4 Visiontek AMD 6990 Corsair XMS3 DDR3 1600 
Hard DriveCoolingOSMonitor
Samsung EVO 840 XSPC Raystorm Windows 8.1 Dell U2311H 1920x1080 IPS 
MonitorMonitorKeyboardPower
Dell U2311H 1920x1080 IPS Dell U2311H 1920x1080 IPS Ducky Blue Overclock.net Themed Mechanical Keyb... Corsair Silver 1kw  
CaseMouseAudio
Case Labs TH10 Logitech G502 Logitech 5.1 speakers w/ Onkyo Receiver 
CPUMotherboardGraphicsRAM
Intel Xeon W3520 i7 4.0ghz EVGA X58 Classified Visiontek 6990 GSkill 6GB DDR3 Pi 
Hard DriveOptical DriveOSMonitor
2x OCZ Vertex 60GB SSD ; 2x 1TB ; 2x 2TB Samsung BluRay Burner Windows 7 Ultimate 64x 3x Dell U2311H 23" 1080p IPS 
KeyboardPowerCaseMouse
Logitech G15 Gaming Keyboard SilverStone Strider 1000w Modular Power Supply Lian Li V2000 Plus Logitech G9 Gaming Laser Mouse 
Mouse Pad
Cyba Sniper Tracer (Acrylic Glass) 
  hide details  
Reply
post #50 of 64
Quote:
Originally Posted by Lelouch
Hey guys I am a massive Apple fanboy also here's a load of misinformation
He was able to take full control of the OS through Safari, and if the OS was as bulletproof as you claim, he wouldn't have been able to do so (i.e. the exploit would have been limited to Safari if that's where it resided). Mac viruses can do anything a PC virus can do, the belief that they can't is just blatantly incorrect. He clearly didn't need to ask for permission to run his exploit.

Vista's User Account Control has also brought Windows pretty much up-to-speed with regard to security. You need administrator credentials to install software and stuff.

I don't mean to come off as a Windows cultist - Linux certainly has its place, and I own an iPhone - I just hate people blindly defending an OS.

edit: Licht summed it up nicely.
New Posts  All Forums:Forum Nav:
  Return Home
  Back to Forum: Software News
Overclock.net › Forums › Industry News › Software News › [Engadget]PWN 2 OWN Over!