Overclock.net › Forums › Industry News › Software News › [Engadget]PWN 2 OWN Over!
New Posts  All Forums:Forum Nav:

[Engadget]PWN 2 OWN Over! - Page 6

post #51 of 64
Quote:
Originally Posted by Lelouch View Post
The OS wasnt hacked, an application was. Also, Mac's cannot get a true virus, something windows cant say. Why? Because viruses have to self replicate, they cannot do it without the users permission in OSX because of Unix.
Actually, I'm pretty sure he compromised the OS itself through the application. That's why/how he won, right?

Quote:
Originally Posted by OmegaNemesis28 View Post
I read you're post wrong. To me at first it looked like you were trying to defend the macbook.
Nah, I'm just saying this isn't an accurate security benchmark. This contest, that is. And that's all it is - a contest/competition.

Quote:
Originally Posted by t213646 View Post
He was able to take full control of the OS through Safari, and if the OS was as bulletproof as you claim, he wouldn't have been able to do so (i.e. the exploit would have been limited to Safari if that's where it resided). Mac viruses can do anything a PC virus can do, the belief that they can't is just blatantly incorrect. He clearly didn't need to ask for permission to run his exploit.
He didn't claim the OS is bulletproof. The defense he talked about was against viruses. You don't use antispyware or a firewall for viruses, do you?

Quote:
Originally Posted by t213646 View Post
Vista's User Account Control has also brought Windows pretty much up-to-speed with regard to security. You need administrator credentials to install software and stuff.
1. Most (smart) people turn off UAC
2. Most (dumb) people just click OK when they see the annoying pop-up
3. All you have to do is click OK. I'm just speculating, but I would imagine it isn't that hard to get something to auto-click OK when it pops up.
post #52 of 64
Quote:
Originally Posted by carl25 View Post
pretty sure this will be on their top priority if it gets lots of news attention.

Heaven forbid apple gets some bad press
They will probably say they beat Vista anyways. After all, Apple is better. Why? "Because."
Maelstrom
(13 items)
 
  
CPUMotherboardGraphicsRAM
Intel Core i7 920 Gigabyte DS3LR eVGA 9800GTX+ 4x2gb G.Skill Ripjaws 
Hard DriveOSMonitorKeyboard
Seagate 500gb perp Windows 7 x64, Ubuntu 9.10 beta 23" Samsung, 22" Acer AL2223, 19" Hanns-G Logitech G15 
PowerCaseMouse
Ultra X-Finity 600W NZXT Alpha Logitech G7 
  hide details  
Reply
Maelstrom
(13 items)
 
  
CPUMotherboardGraphicsRAM
Intel Core i7 920 Gigabyte DS3LR eVGA 9800GTX+ 4x2gb G.Skill Ripjaws 
Hard DriveOSMonitorKeyboard
Seagate 500gb perp Windows 7 x64, Ubuntu 9.10 beta 23" Samsung, 22" Acer AL2223, 19" Hanns-G Logitech G15 
PowerCaseMouse
Ultra X-Finity 600W NZXT Alpha Logitech G7 
  hide details  
Reply
post #53 of 64
Quote:
Originally Posted by ted View Post
They will probably say they beat Vista anyways. After all, Apple is better. Why? "Because."
maybe they will say that since apple has been selling so much more, it was more likey to be hacked.
Sunfire
(13 items)
 
  
CPUMotherboardGraphicsRAM
E6300 @3.1 ASUS P5B Galaxy 8800gt 512 4gb g skill pc8000+ 4gb 6400 ballistix 
Hard DriveOptical DriveOSMonitor
500gb+640gb LG super multi Vista home premium 64bit Dell S2309W 
KeyboardPowerCaseMouse
Logitech G15 Corsair HX520 Antec P182 G5 
Mouse Pad
Steelseries pad 
  hide details  
Reply
Sunfire
(13 items)
 
  
CPUMotherboardGraphicsRAM
E6300 @3.1 ASUS P5B Galaxy 8800gt 512 4gb g skill pc8000+ 4gb 6400 ballistix 
Hard DriveOptical DriveOSMonitor
500gb+640gb LG super multi Vista home premium 64bit Dell S2309W 
KeyboardPowerCaseMouse
Logitech G15 Corsair HX520 Antec P182 G5 
Mouse Pad
Steelseries pad 
  hide details  
Reply
post #54 of 64
Quote:
Originally Posted by Emmanuel View Post
Apple=FAIL
When high prices meet low security!
Exactly.
post #55 of 64
lol that's a nice prize!
quad core madness
(14 items)
 
  
CPUMotherboardGraphicsRAM
Lapped Intel Core 2 Quad - Q6600 G0 Stepping Asus P5K Deluxe WiFi ATi Sapphire HD 6950 2GB Unlocked 8GB G.Skill Pi Black DDR2-800 PC2-6400 
Hard DriveOptical DriveOSMonitor
60GB OCZ Solid 2 SSD Samsung SATA 18X DVD Burner Windows 7 Ultimate x64 Dell 3007WFP-HC + 2x 2007FP in PLP 
KeyboardPowerCaseMouse
Ducky Shine Blue, MX Red Corsair HX620 620W Lian Li V1000 Plus Black Razer Mamba 2012 
Mouse PadAudio
XTrack Ripper XL Creative X-Fi XtremeMusic 
  hide details  
Reply
quad core madness
(14 items)
 
  
CPUMotherboardGraphicsRAM
Lapped Intel Core 2 Quad - Q6600 G0 Stepping Asus P5K Deluxe WiFi ATi Sapphire HD 6950 2GB Unlocked 8GB G.Skill Pi Black DDR2-800 PC2-6400 
Hard DriveOptical DriveOSMonitor
60GB OCZ Solid 2 SSD Samsung SATA 18X DVD Burner Windows 7 Ultimate x64 Dell 3007WFP-HC + 2x 2007FP in PLP 
KeyboardPowerCaseMouse
Ducky Shine Blue, MX Red Corsair HX620 620W Lian Li V1000 Plus Black Razer Mamba 2012 
Mouse PadAudio
XTrack Ripper XL Creative X-Fi XtremeMusic 
  hide details  
Reply
post #56 of 64
Quote:
Originally Posted by The Hundred Gunner View Post
He didn't claim the OS is bulletproof. The defense he talked about was against viruses. You don't use antispyware or a firewall for viruses, do you?

1. Most (smart) people turn off UAC
2. Most (dumb) people just click OK when they see the annoying pop-up
3. All you have to do is click OK. I'm just speculating, but I would imagine it isn't that hard to get something to auto-click OK when it pops up.
Admittedly, it doesn't really do much for the average user who just okays everything, but it's progress nonetheless. The UAC prompt comes up on a "secure desktop" which only the user can interact with in theory, but I've no idea how effective it actually is. It can be configured to require credentials rather than just prompting for consent, which is how I have it set up.

I have to disagree about turning UAC off altogether. What exactly is the advantage of turning it off? Unless you're performing administrative tasks constantly, it's really not that much of a bother considering the vastly improved security.

I can't see it being very annoying in a home setting where you generally don't need admin access very often, and in a business setting I imagine you'd want it enabled for the security.
post #57 of 64
Now, I'm a Windows guy, I would only use a Mac for video editing or maybe "creative stuff" but one Mac person defense to this which I haven't seen brought up is that the guy cracked the mac after 1 day and 2 minutes, the first day, nothing happened but on the second, they changed the rules allowing him to win. But... two minutes sounds better and he cracked it with the new rules in two minutes so...

Overall it was cracked in two minutes, just with a new set of rules.
Flying Phoenix
(13 items)
 
  
CPUMotherboardGraphicsRAM
Core i7 940 @3.8ghz EVGA x58 2x GTX280 Dual SLI 6GB OCZ Platinum 
Hard DriveOSMonitorKeyboard
2x 150GB Velociraptors RAID 0 + 320GB Backup Drive Windows 7 64 27.5" Hanns G Logitech G15 
PowerCaseMouseMouse Pad
1200w Antec 1200 Logitech G5 XTrac Ripper 
  hide details  
Reply
Flying Phoenix
(13 items)
 
  
CPUMotherboardGraphicsRAM
Core i7 940 @3.8ghz EVGA x58 2x GTX280 Dual SLI 6GB OCZ Platinum 
Hard DriveOSMonitorKeyboard
2x 150GB Velociraptors RAID 0 + 320GB Backup Drive Windows 7 64 27.5" Hanns G Logitech G15 
PowerCaseMouseMouse Pad
1200w Antec 1200 Logitech G5 XTrac Ripper 
  hide details  
Reply
post #58 of 64
Quote:
Originally Posted by t213646 View Post
I have to disagree about turning UAC off altogether. What exactly is the advantage of turning it off? Unless you're performing administrative tasks constantly, it's really not that much of a bother considering the vastly improved security.
Uh... Well I wanted to configure the config file for Resident Evil 4. I found that I couldn't save the damned thing. What I had to do was:

1. Drag the config to the desktop.
2. Open the file and do the editing.
3. Save the file.
4. Drag the config back to the folder.

And the part that sucked is that I didn't exactly know the syntax of the config file. I had to experiment, so you can imagine how redundant that task was until I finally got it right.

Quote:
Originally Posted by t213646 View Post
I can't see it being very annoying in a home setting where you generally don't need admin access very often, and in a business setting I imagine you'd want it enabled for the security.
CPU-Z required the admin "OK" click... So does fraps. And it was for that reason (I think) that windows vista wouldn't allow it to run on startup, and I couldn't even let it through via windows defender.

It seems pretty randomly selected which programs require the admin "OK" and which don't. I dunno; I just don't get that thing, so I turn it off. If it's working for you - excellent. More power to you.

Quote:
Originally Posted by HiddenPenguin View Post
Now, I'm a Windows guy, I would only use a Mac for video editing or maybe "creative stuff" but one Mac person defense to this which I haven't seen brought up is that the guy cracked the mac after 1 day and 2 minutes, the first day, nothing happened but on the second, they changed the rules allowing him to win. But... two minutes sounds better and he cracked it with the new rules in two minutes so...

Overall it was cracked in two minutes, just with a new set of rules.
They had the hacks setup before hand. He ran it through a website; no one did anything there on the spot.

Also, I read that no one was able to do anything the first day. The first part of the competition, the contestants had to hack the OS directly, which no one could do. The next day, they were allowed to attack through pre-installed programs that come with the OS, and that's where they got OSX - through Safari.

http://www.informationweek.com/softw...leID=207000434
post #59 of 64
Don't forget guys, that in one day, no one was actually able to directly hack any of the operating systems... i would like to have seen them continue in all directions. Both in hacking the OS's and to see who got second and third (first?) place in using apps as well.
Immortal
(13 items)
 
  
CPUMotherboardGraphicsRAM
E6600 44G 3.240GHz Asus P5B-deluxe eVGA 8800GT (650/950) 2GB PQIturbomem 667(800mhzballistix soon) 
Hard DriveOptical DriveOSMonitor
1x 400GB Seagate 7200rpm/16mb cache Some super combo drive Windows XP Home/Ubuntu NEC MultiSync LCD1970GX 
KeyboardPowerCaseMouse
Logitech cordless 610w PCP&C silencer TTArmor w/side fan G7 
Mouse Pad
Black IcematII 
  hide details  
Reply
Immortal
(13 items)
 
  
CPUMotherboardGraphicsRAM
E6600 44G 3.240GHz Asus P5B-deluxe eVGA 8800GT (650/950) 2GB PQIturbomem 667(800mhzballistix soon) 
Hard DriveOptical DriveOSMonitor
1x 400GB Seagate 7200rpm/16mb cache Some super combo drive Windows XP Home/Ubuntu NEC MultiSync LCD1970GX 
KeyboardPowerCaseMouse
Logitech cordless 610w PCP&C silencer TTArmor w/side fan G7 
Mouse Pad
Black IcematII 
  hide details  
Reply
post #60 of 64
Quote:
Originally Posted by cgrado View Post
Don't forget guys, that in one day, no one was actually able to directly hack any of the operating systems... i would like to have seen them continue in all directions. Both in hacking the OS's and to see who got second and third (first?) place in using apps as well.
Yeah, what were the results of the other OSs? I forgot all about them.
New Posts  All Forums:Forum Nav:
  Return Home
  Back to Forum: Software News
Overclock.net › Forums › Industry News › Software News › [Engadget]PWN 2 OWN Over!