Overclock.net › Forums › Industry News › Software News › [TPoint]Vista hacked in PWN-to-OWN
New Posts  All Forums:Forum Nav:

[TPoint]Vista hacked in PWN-to-OWN - Page 7

post #61 of 76
Quote:
Originally Posted by prosser13 View Post
I'm not saying he didn't look them up, I'm just curious as to why all the "probably"'s!
I wrote those "probably"s because I only knew hacking the computers would get easier with each passing day, but I didn't actually know what restrictions would be lifted.

Since the first day was "over the network" only, and OSX was hacked through a 1st party app on the 2nd day, and Vista through a 3rd party app on the 3rd day, I figured out the rules... pretty accurately I might add
Omicron Lyrae
(13 items)
 
  
CPUMotherboardGraphicsRAM
Phenom II X3 720 BE @3.6 Asus M4A785TD-V EVO Sapphire HD5770 V2 OCZ 2x2GB Gold DDR3-1333 
Hard DriveOptical DriveOSMonitor
Samsung Spinpoint F3 1TB Sony Lightscribe DVD-RW Windows 7 Professional 64-bit AOC F22+ 1080p 
KeyboardPowerCaseMouse
Cherry Scissor Switch Flat Keyboard OCZ StealthXstream 600W Cooler Master Elite 334 Microsoft Sidewinder 
  hide details  
Reply
Omicron Lyrae
(13 items)
 
  
CPUMotherboardGraphicsRAM
Phenom II X3 720 BE @3.6 Asus M4A785TD-V EVO Sapphire HD5770 V2 OCZ 2x2GB Gold DDR3-1333 
Hard DriveOptical DriveOSMonitor
Samsung Spinpoint F3 1TB Sony Lightscribe DVD-RW Windows 7 Professional 64-bit AOC F22+ 1080p 
KeyboardPowerCaseMouse
Cherry Scissor Switch Flat Keyboard OCZ StealthXstream 600W Cooler Master Elite 334 Microsoft Sidewinder 
  hide details  
Reply
post #62 of 76
Quote:
Originally Posted by bdattilo View Post
OSX was hacked because of Safari, and Vista because of Flash. I think the rules need to be revised....the hacking occurred because of an application, not the OS itself.

Also, I want to see a competition between hacking Vista x86 and Vista x64. I think the results would be a bit different, and this competition used Vista x86.
if you're able to gain control of the operating system, that means there is a flaw in the OS which just so happens to be accessible through the app.

it's like having a hole in a wall covered with a sheet and claiming if it weren't for the sheet you wouldn't be able to get through... the vulnerability exists regardless as other software or similar could use the same exploit.
R7 1700
(21 items)
 
Phenom II BE
(13 items)
 
 
CPUMotherboardGraphicsRAM
R7 1700 ASUS Prime b350-a/CSM GTX 970 32GB @2666MHz 
Hard DriveHard DriveCoolingCooling
MyDigitalSSD PBX Western Digital Cavier Green 3TB HDD Corsair H100 Corsair Air Series AF140 Quiet Edition  
CoolingOSMonitorMonitor
Corsair Air Series AF140 Quiet Edition  Windows 10 x64 Dell u2711 Dell u2711 
MonitorMonitorKeyboardPower
Dell u2711 Shap Aquos 50" HDTV Das Keyboard Mechanical Keyboard - Silent Edition Corsair HX650W 
CaseMouseAudioAudio
Corsair Carbide 300r Razer Death Adder Klipsch promedia 2.1 Sennheiser HD800 
CPUMotherboardGraphicsRAM
Phenom II x4 720be Gigabyte ud4p 4870 512mb 4GB (2*2GB) Super talent micron d9 
Hard DriveOptical DriveOSMonitor
80GB Intel x25-m + 640GB WD cavier Lite On DVD burner Windows 7 Dell 2005 FPW & Dell e207wfp 
KeyboardPowerCaseMouse
Logitch Ultra X Corsair TX 750W Lianli PCV-1000II Logitech MX518 
  hide details  
Reply
R7 1700
(21 items)
 
Phenom II BE
(13 items)
 
 
CPUMotherboardGraphicsRAM
R7 1700 ASUS Prime b350-a/CSM GTX 970 32GB @2666MHz 
Hard DriveHard DriveCoolingCooling
MyDigitalSSD PBX Western Digital Cavier Green 3TB HDD Corsair H100 Corsair Air Series AF140 Quiet Edition  
CoolingOSMonitorMonitor
Corsair Air Series AF140 Quiet Edition  Windows 10 x64 Dell u2711 Dell u2711 
MonitorMonitorKeyboardPower
Dell u2711 Shap Aquos 50" HDTV Das Keyboard Mechanical Keyboard - Silent Edition Corsair HX650W 
CaseMouseAudioAudio
Corsair Carbide 300r Razer Death Adder Klipsch promedia 2.1 Sennheiser HD800 
CPUMotherboardGraphicsRAM
Phenom II x4 720be Gigabyte ud4p 4870 512mb 4GB (2*2GB) Super talent micron d9 
Hard DriveOptical DriveOSMonitor
80GB Intel x25-m + 640GB WD cavier Lite On DVD burner Windows 7 Dell 2005 FPW & Dell e207wfp 
KeyboardPowerCaseMouse
Logitch Ultra X Corsair TX 750W Lianli PCV-1000II Logitech MX518 
  hide details  
Reply
post #63 of 76
Quote:
Originally Posted by xlink View Post
if you're able to gain control of the operating system, that means there is a flaw in the OS which just so happens to be accessible through the app.

it's like having a hole in a wall covered with a sheet and claiming if it weren't for the sheet you wouldn't be able to get through... the vulnerability exists regardless as other software or similar could use the same exploit.

It's not a flaw in the OS. Microsoft gave them some power to write codes but they want more power. It's the vendor problem for allowing the program to have administrator powers.
post #64 of 76
The interaction of any app with the OS is directly related to the OS security. Saying that you can't HACK the OS without an App is doesn't make any sense. The OS as a standalone item doesn't do anything. It's sole purpose is to RUN apps.
    
CPUMotherboardGraphicsRAM
Q9650 E0 @ 4GHz (445x9) on 1.325V (bios) | ASUS Rampage Formula x48 | | BIOS 0410 | Visiontek 4870 790/1100 | 2x2GB G.Skill PI @1069MHz | 1.9V | 5-5-5-15 2T | 
Hard DriveOptical DriveOSMonitor
Seagate 2x320GB 7200.10 in RAID 0 + 250GB 7200.10 Lite-On DVD+-R/RW DL Vista Ultimate x64 42" Aquous @ 1440 x 900 (1920 x 1080 is too small) 
KeyboardPowerCaseMouse
Logitech MX5500 Silverstone DA750 THE Rocketfish Logitech MX Revolution 
Mouse Pad
Neat one from Body Worlds exhibit 
  hide details  
Reply
    
CPUMotherboardGraphicsRAM
Q9650 E0 @ 4GHz (445x9) on 1.325V (bios) | ASUS Rampage Formula x48 | | BIOS 0410 | Visiontek 4870 790/1100 | 2x2GB G.Skill PI @1069MHz | 1.9V | 5-5-5-15 2T | 
Hard DriveOptical DriveOSMonitor
Seagate 2x320GB 7200.10 in RAID 0 + 250GB 7200.10 Lite-On DVD+-R/RW DL Vista Ultimate x64 42" Aquous @ 1440 x 900 (1920 x 1080 is too small) 
KeyboardPowerCaseMouse
Logitech MX5500 Silverstone DA750 THE Rocketfish Logitech MX Revolution 
Mouse Pad
Neat one from Body Worlds exhibit 
  hide details  
Reply
post #65 of 76
Quote:
Originally Posted by RPIJG View Post
The interaction of any app with the OS is directly related to the OS security. Saying that you can't HACK the OS without an App is doesn't make any sense. The OS as a standalone item doesn't do anything. It's sole purpose is to RUN apps.

But this can apply to all versions and all OS's. Well he said that he can tweak it to get control over a linux, unix, Mac.

So it can't be Vista too.
post #66 of 76
Just because there is a flaw in all OS's doesn't mean that it should be allowable. The exploit from a 3rd party app that applies to all OS's simply means that there is an interaction that occurs similar in all OS's that can be exploited, and that this area is a point of weakness for the OS. This in no way says that the OS is useless, it simply says that there is the ability for exploitation. As long as OS's are around, there will be exploitations, because of their inherent use.
    
CPUMotherboardGraphicsRAM
Q9650 E0 @ 4GHz (445x9) on 1.325V (bios) | ASUS Rampage Formula x48 | | BIOS 0410 | Visiontek 4870 790/1100 | 2x2GB G.Skill PI @1069MHz | 1.9V | 5-5-5-15 2T | 
Hard DriveOptical DriveOSMonitor
Seagate 2x320GB 7200.10 in RAID 0 + 250GB 7200.10 Lite-On DVD+-R/RW DL Vista Ultimate x64 42" Aquous @ 1440 x 900 (1920 x 1080 is too small) 
KeyboardPowerCaseMouse
Logitech MX5500 Silverstone DA750 THE Rocketfish Logitech MX Revolution 
Mouse Pad
Neat one from Body Worlds exhibit 
  hide details  
Reply
    
CPUMotherboardGraphicsRAM
Q9650 E0 @ 4GHz (445x9) on 1.325V (bios) | ASUS Rampage Formula x48 | | BIOS 0410 | Visiontek 4870 790/1100 | 2x2GB G.Skill PI @1069MHz | 1.9V | 5-5-5-15 2T | 
Hard DriveOptical DriveOSMonitor
Seagate 2x320GB 7200.10 in RAID 0 + 250GB 7200.10 Lite-On DVD+-R/RW DL Vista Ultimate x64 42" Aquous @ 1440 x 900 (1920 x 1080 is too small) 
KeyboardPowerCaseMouse
Logitech MX5500 Silverstone DA750 THE Rocketfish Logitech MX Revolution 
Mouse Pad
Neat one from Body Worlds exhibit 
  hide details  
Reply
post #67 of 76
Quote:
Originally Posted by wolf_08 View Post
But this can apply to all versions and all OS's. Well he said that he can tweak it to get control over a linux, unix, Mac.

So it can't be Vista too.
Probably not. I highly doubt he'd get in Ubuntu through Flash.
Damit
(13 items)
 
  
CPUMotherboardGraphicsRAM
Phenom II x4 965 Black MSI 790FX-GD70 Asus ATI 5850 4x2 GBs RipJaw DDR3 1066 MHz 
Hard DriveOptical DriveOSMonitor
RAID 0 500 GB WD Black Lite-On Blue Ray, Samsung DVD Arch Linux/Ubuntu 10.04 25.5" Samsung 
KeyboardPowerCaseMouse
PS2 by Compaq 750 Watt COOLER MASTER Elite RC-332-KKN1-GP Death Adder 
Mouse Pad
Custom 
  hide details  
Reply
Damit
(13 items)
 
  
CPUMotherboardGraphicsRAM
Phenom II x4 965 Black MSI 790FX-GD70 Asus ATI 5850 4x2 GBs RipJaw DDR3 1066 MHz 
Hard DriveOptical DriveOSMonitor
RAID 0 500 GB WD Black Lite-On Blue Ray, Samsung DVD Arch Linux/Ubuntu 10.04 25.5" Samsung 
KeyboardPowerCaseMouse
PS2 by Compaq 750 Watt COOLER MASTER Elite RC-332-KKN1-GP Death Adder 
Mouse Pad
Custom 
  hide details  
Reply
post #68 of 76
Quote:
Originally Posted by GodofGrunts View Post
Probably not. I highly doubt he'd get in Ubuntu through Flash.
Linux platforms are not perfect. They are just as vulnerable as the rest.
System
(13 items)
 
  
CPUMotherboardGraphicsRAM
Core i7 2500k ASRock P67 Extreme4 Gen 3 AMD 7970 16GB DDR3 
Hard DriveOptical DriveOSMonitor
Intel 520 256GB SATA DVD Burner Windows 7 64 bit Deal U2410 
KeyboardPowerMouse
Adesso Mechanical Silverstone OP650 Logitech G700 
  hide details  
Reply
System
(13 items)
 
  
CPUMotherboardGraphicsRAM
Core i7 2500k ASRock P67 Extreme4 Gen 3 AMD 7970 16GB DDR3 
Hard DriveOptical DriveOSMonitor
Intel 520 256GB SATA DVD Burner Windows 7 64 bit Deal U2410 
KeyboardPowerMouse
Adesso Mechanical Silverstone OP650 Logitech G700 
  hide details  
Reply
post #69 of 76
Quote:
Originally Posted by pauldovi View Post
Linux platforms are not perfect. They are just as vulnerable as the rest.
True, but Ubuntu doesn't give access to root. Worst thing that could happen is probably getting info from your profile. Which you shouldn't be keeping sensitive information on your computer anyway.
Damit
(13 items)
 
  
CPUMotherboardGraphicsRAM
Phenom II x4 965 Black MSI 790FX-GD70 Asus ATI 5850 4x2 GBs RipJaw DDR3 1066 MHz 
Hard DriveOptical DriveOSMonitor
RAID 0 500 GB WD Black Lite-On Blue Ray, Samsung DVD Arch Linux/Ubuntu 10.04 25.5" Samsung 
KeyboardPowerCaseMouse
PS2 by Compaq 750 Watt COOLER MASTER Elite RC-332-KKN1-GP Death Adder 
Mouse Pad
Custom 
  hide details  
Reply
Damit
(13 items)
 
  
CPUMotherboardGraphicsRAM
Phenom II x4 965 Black MSI 790FX-GD70 Asus ATI 5850 4x2 GBs RipJaw DDR3 1066 MHz 
Hard DriveOptical DriveOSMonitor
RAID 0 500 GB WD Black Lite-On Blue Ray, Samsung DVD Arch Linux/Ubuntu 10.04 25.5" Samsung 
KeyboardPowerCaseMouse
PS2 by Compaq 750 Watt COOLER MASTER Elite RC-332-KKN1-GP Death Adder 
Mouse Pad
Custom 
  hide details  
Reply
post #70 of 76
Quote:
Originally Posted by Licht View Post
The rules said you were only allowed to use software that came preinstalled.
find me a system that doesn't come with flash pre-installed.

I know its not on the windows disc but windows pc to me means 90% of windows pc's from horrible companies like HP, Dell, and Sony, who give u bloatware. Macs don't come with bloatware.
My First Build
(14 items)
 
  
CPUMotherboardGraphicsRAM
Phenom II 940 Biostar 790GX A2+ Powercolor Radeon HD 7870 2x2GB Dominators Stock Clocks 
Hard DriveOSMonitorPower
SAMSUNG 840 SSD 128GB Windows 7 (64 bit) HP w2207 Corsair 750W 
CaseMouseAudio
Antec 300 Logitech G5 On Board 
  hide details  
Reply
My First Build
(14 items)
 
  
CPUMotherboardGraphicsRAM
Phenom II 940 Biostar 790GX A2+ Powercolor Radeon HD 7870 2x2GB Dominators Stock Clocks 
Hard DriveOSMonitorPower
SAMSUNG 840 SSD 128GB Windows 7 (64 bit) HP w2207 Corsair 750W 
CaseMouseAudio
Antec 300 Logitech G5 On Board 
  hide details  
Reply
New Posts  All Forums:Forum Nav:
  Return Home
  Back to Forum: Software News
Overclock.net › Forums › Industry News › Software News › [TPoint]Vista hacked in PWN-to-OWN