Overclock.net › Forums › Industry News › Technology and Science News › [iSpyce]Apple's OS X is First OS to be Hacked at This Year's Pwn2Own
New Posts  All Forums:Forum Nav:

[iSpyce]Apple's OS X is First OS to be Hacked at This Year's Pwn2Own - Page 5

post #41 of 63
Quote:
Originally Posted by Wymm View Post
Really? Yet they keep boasting their hack-proof/virus-proof systems? False advertising ftw!
They boast because generally most web code is written with high IE compatibility, correct me if I'm wrong, and IE is used on PCs.

Apple has a lower global market share therefore attacks on Macs happen less frequent. Not entirely incorrect.
Shhhhh!
(13 items)
 
  
CPUMotherboardGraphicsRAM
Core i7 930 Gigabyte GA-X58A-UD3R XFX 5870 1GB 6GB G.SKILL PI 1600MHz 
Hard DriveOptical DriveOSMonitor
120GB OCZ Vertex 2, 2x Hitachi 2TB (7K2000) Pioneer Blu-ray BDR-205BKS, Samsung SH-S243N Windows 7 Ultimate x64/WinXP Pro SP3 Samsung P2570 
KeyboardPowerCaseMouse
Logitech Elite Keyboard Corsair 850HX Lian-Li PC-B70 Logitech MX510 
Mouse Pad
Gel 
  hide details  
Reply
Shhhhh!
(13 items)
 
  
CPUMotherboardGraphicsRAM
Core i7 930 Gigabyte GA-X58A-UD3R XFX 5870 1GB 6GB G.SKILL PI 1600MHz 
Hard DriveOptical DriveOSMonitor
120GB OCZ Vertex 2, 2x Hitachi 2TB (7K2000) Pioneer Blu-ray BDR-205BKS, Samsung SH-S243N Windows 7 Ultimate x64/WinXP Pro SP3 Samsung P2570 
KeyboardPowerCaseMouse
Logitech Elite Keyboard Corsair 850HX Lian-Li PC-B70 Logitech MX510 
Mouse Pad
Gel 
  hide details  
Reply
post #42 of 63
Is it just OSX vs 7, or is there a linux or BSD distro in there?
post #43 of 63
Quote:
Originally Posted by Boyboyd View Post
Is it just OSX vs 7, or is there a linux or BSD distro in there?
I think the article alludes to Linux and BSD not being included because they "couldn't" be hacked. I'm not sure since anything and everything can be hacked. And social engineering is the ultimate way to get it done easily considering how easy you can trick people these days; right GodJOBS?


Quote:
Originally Posted by steelbom View Post
This is five seconds... after weeks or months of research finding and coding this hack.
All contestants had the same amount of time to prepare their hacks before the contest so that means the windows guys had the same length of time to find something.

The difference is how fast the exploit could give control to the infiltrator. 5seconds is pretty scary. I hope that explained things for you.

Quote:
Originally Posted by steelbom View Post
What argument are you talking about? I made no argument. I simply said, it would've taken weeks, if not months, to develop the hack.

They release security updates when necessary.
No they don't. They are often very far behind what testers tell them. It's not a concern for them because they believe their own crap.


Quote:
Originally Posted by blackbalt89 View Post
Smart users don't get viruses either. Lol.
Unless they encounter a smarter hacker who is good enough to lead them into a trap. Or they're just feeling daring and get taught a lesson. But yes. The person behind the keyboard is the best and worst defense for a system.
     
CPUGraphicsRAMHard Drive
Intel Core m3-6Y30 Intel HD515 8GB 1866DDR3L Micron M600 MTFDDAV256MBF M.2, 256 GB 
CoolingOSOSMonitor
Fanless Win10 Home x64 Kubuntu 16.04 (requires Linux kernel 4.5/4.6) 13.3 inch 16:9, 1920x1080 pixel, AU Optronics A... 
CPUMotherboardGraphicsRAM
AthlonIIX4 640 3.62GHz (250x14.5) 2.5GHz NB Asus M4A785TD-M EVO MSI GTX275 (Stock 666) 8GBs of GSkill 1600 
RAMHard DriveHard DriveHard Drive
4GBs of Adata 1333 Kingston HyperX 3k 120GB WD Caviar Black 500GB Hitachi Deskstar 1TB 
Optical DriveCoolingOSOS
LG 8X BDR (WHL08S20) Cooler Master Hyper 212+ Kubuntu x64 Windows 7 x64 
OSMonitorPowerCase
Bodhi Linux x64 Acer G215H (1920x1080) Seasonic 520 HAF912 
CPUMotherboardGraphicsRAM
N450 1.8GHz AC and 1.66GHz batt ASUS proprietary for 1001P GMA3150 (can play bluray now!?) 1GB DDR2 
Hard DriveOptical DriveOSOS
160GB LGLHDLBDRE32X Bodhi Linux Fedora LXDE 
OSOSMonitorKeyboard
Kubuntu SLAX 1280x600 + Dell 15inch Excellent! 
PowerCase
6 cells=6-12hrs and a charger 1001P MU17 Black 
  hide details  
Reply
     
CPUGraphicsRAMHard Drive
Intel Core m3-6Y30 Intel HD515 8GB 1866DDR3L Micron M600 MTFDDAV256MBF M.2, 256 GB 
CoolingOSOSMonitor
Fanless Win10 Home x64 Kubuntu 16.04 (requires Linux kernel 4.5/4.6) 13.3 inch 16:9, 1920x1080 pixel, AU Optronics A... 
CPUMotherboardGraphicsRAM
AthlonIIX4 640 3.62GHz (250x14.5) 2.5GHz NB Asus M4A785TD-M EVO MSI GTX275 (Stock 666) 8GBs of GSkill 1600 
RAMHard DriveHard DriveHard Drive
4GBs of Adata 1333 Kingston HyperX 3k 120GB WD Caviar Black 500GB Hitachi Deskstar 1TB 
Optical DriveCoolingOSOS
LG 8X BDR (WHL08S20) Cooler Master Hyper 212+ Kubuntu x64 Windows 7 x64 
OSMonitorPowerCase
Bodhi Linux x64 Acer G215H (1920x1080) Seasonic 520 HAF912 
CPUMotherboardGraphicsRAM
N450 1.8GHz AC and 1.66GHz batt ASUS proprietary for 1001P GMA3150 (can play bluray now!?) 1GB DDR2 
Hard DriveOptical DriveOSOS
160GB LGLHDLBDRE32X Bodhi Linux Fedora LXDE 
OSOSMonitorKeyboard
Kubuntu SLAX 1280x600 + Dell 15inch Excellent! 
PowerCase
6 cells=6-12hrs and a charger 1001P MU17 Black 
  hide details  
Reply
post #44 of 63
Quote:
Originally Posted by steelbom View Post
Uhh, no... I don't care how many times in a row. The fact is, it takes weeks and months to develop these hacks.
Are you major butt hurt or something?
You keep saying this and we just don't care.
    
CPUMotherboardGraphicsRAM
Intel 6700k Asus Z170-A EVGA GTX 1080 SC 32GB Corsair Vengeance LPX 
Hard DriveHard DriveHard DriveHard Drive
Kingston HyperX 3K 120GB (OS) Kingston HyperX 3K 240GB (Storage) Seagate 1TB (Media)  Seagate 2TB (Media) 
Optical DriveCoolingOSMonitor
LG WH16NS40 BluRay Noctua NH-D15s Windows 10 Pro 64bit ASUS VG248QE 24" 
KeyboardPowerCaseMouse
Magicforce 68 Corsair TX850M Fractal Design R4 Logitech G600 
Mouse PadAudioAudioOther
Steelseries Qck Klipsch ICONs / 12" Dayton Sub SMSL SA-50 SMSL SD-793II 
  hide details  
Reply
    
CPUMotherboardGraphicsRAM
Intel 6700k Asus Z170-A EVGA GTX 1080 SC 32GB Corsair Vengeance LPX 
Hard DriveHard DriveHard DriveHard Drive
Kingston HyperX 3K 120GB (OS) Kingston HyperX 3K 240GB (Storage) Seagate 1TB (Media)  Seagate 2TB (Media) 
Optical DriveCoolingOSMonitor
LG WH16NS40 BluRay Noctua NH-D15s Windows 10 Pro 64bit ASUS VG248QE 24" 
KeyboardPowerCaseMouse
Magicforce 68 Corsair TX850M Fractal Design R4 Logitech G600 
Mouse PadAudioAudioOther
Steelseries Qck Klipsch ICONs / 12" Dayton Sub SMSL SA-50 SMSL SD-793II 
  hide details  
Reply
post #45 of 63
Quote:
Originally Posted by Rookie1337 View Post
All contestants had the same amount of time to prepare their hacks before the contest so that means the windows guys had the same length of time to find something.
Yes, and did the Windows guys find nothing to hack it with?
Quote:
The difference is how fast the exploit could give control to the infiltrator. 5seconds is pretty scary. I hope that explained things for you.
I don't really see that as impressive. Once you've found out a way to execute something to get into a system, it shouldn't take long. And, that's why I wrote what I wrote. Just doesn't seem impressive (on Windows, or OS X) to spend weeks or months to find an exploit and then seconds to execute it.
Quote:
No they don't. They are often very far behind what testers tell them. It's not a concern for them because they believe their own crap.
How do you know? Do you use OS X regularly and see security issues found but no patches soon after?.

Quote:
Originally Posted by ACM View Post
Are you major butt hurt or something?
You keep saying this and we just don't care.
Eww, gross term. And no, as I said... I really couldn't care any less about this. It just doesn't seem impressive to me, to spend weeks or months finding an exploit (in Windows or OS X) and then executing it in a few seconds.
Kasuf
(9 items)
 
  
CPUMotherboardGraphicsRAM
Core i5 6600K ASRock Z170 Pro4 ASUS Radeon RX 480 ROG Strix Corsair Vengeance LPX 32GB 3000MHz 
Hard DriveCoolingMonitorPower
Samsung 850 EVO Noctua NH-D15 LG 34" Ultrawide (LG34UC98) Corsair HX750i 
Case
Silverstone FT05B-W 
  hide details  
Reply
Kasuf
(9 items)
 
  
CPUMotherboardGraphicsRAM
Core i5 6600K ASRock Z170 Pro4 ASUS Radeon RX 480 ROG Strix Corsair Vengeance LPX 32GB 3000MHz 
Hard DriveCoolingMonitorPower
Samsung 850 EVO Noctua NH-D15 LG 34" Ultrawide (LG34UC98) Corsair HX750i 
Case
Silverstone FT05B-W 
  hide details  
Reply
post #46 of 63
i dont know i mean shouldnt it say something if microsoft is constantly getting hacked and attacked but at a pwn2own every year it shows that osx is the easy target? do you feel safe knowning that if they choose to hack your computers it wont take long? bottom line is your idea of being safe because of less market share is gonna become less and less true and apple is gonna have to step it up.
Gamer
(14 items)
 
  
CPUMotherboardGraphicsRAM
Intel i7 5820k MSI X99S XPOWER AC Evga geforce 970  HyperX FURY 16GB (2 x 8GB) 288-Pin DDR4 SDRAM D... 
Hard DriveCoolingOSMonitor
samsung 850 Cooler Master Hyper 212 EVO Windows10.1 ASUS VG248QE 24 
MonitorPowerCaseMouse
Dell S2316M 23.8 SeaSonic SSR-650RM 650W DIYPC Silence-BK-Window g602 
  hide details  
Reply
Gamer
(14 items)
 
  
CPUMotherboardGraphicsRAM
Intel i7 5820k MSI X99S XPOWER AC Evga geforce 970  HyperX FURY 16GB (2 x 8GB) 288-Pin DDR4 SDRAM D... 
Hard DriveCoolingOSMonitor
samsung 850 Cooler Master Hyper 212 EVO Windows10.1 ASUS VG248QE 24 
MonitorPowerCaseMouse
Dell S2316M 23.8 SeaSonic SSR-650RM 650W DIYPC Silence-BK-Window g602 
  hide details  
Reply
post #47 of 63
Quote:
Originally Posted by steelbom View Post
Uhh, no... I don't care how many times in a row. The fact is, it takes weeks and months to develop these hacks.
What does that have to do with anything? So you're saying that these problems exist for months on end without being fixed?
    
CPUMotherboardGraphicsRAM
i5-2500k  MSI z68ma-EP55 4870 1GB 8GB Kingston Hyper X DDR3 1333 (7-7-7-20) 
Hard DriveOptical DriveOSMonitor
60GB OCZ V2 SSD and lots of mech drives DVD-ROM Windows 7 chronic edition BENQ 1680X1050 
KeyboardPowerCaseMouse
Kinesis Freestyle PC Power and Cooling 610watt Lian Li PC-A04B wowpen joy 
  hide details  
Reply
    
CPUMotherboardGraphicsRAM
i5-2500k  MSI z68ma-EP55 4870 1GB 8GB Kingston Hyper X DDR3 1333 (7-7-7-20) 
Hard DriveOptical DriveOSMonitor
60GB OCZ V2 SSD and lots of mech drives DVD-ROM Windows 7 chronic edition BENQ 1680X1050 
KeyboardPowerCaseMouse
Kinesis Freestyle PC Power and Cooling 610watt Lian Li PC-A04B wowpen joy 
  hide details  
Reply
post #48 of 63
Quote:
Originally Posted by ESP View Post
What does that have to do with anything? So you're saying that these problems exist for months on end without being fixed?
Yup. Being a security researcher is a no pay job if you just hand over your discovery of poor coding. Apple/Microsoft/etc will say "thanks" and you'll have nothing to show for your work in finding bugs.
DD Boxen
(23 items)
 
   
CPUMotherboardGraphicsRAM
Intel Xeon E3-1230 Asus Maximus IV Gene-Z/Gen3 Powercolor 6970 2GB G. Skill 1600mHz Ripjaws 
Hard DriveOptical DriveCoolingCooling
SpinpontF3 1TB, WD 250, and WD320 Lite-On DT Waterblocks DT5Noz Waterblock Swiftech Komodo 6900-1 Waterblock 
CoolingCoolingCoolingOS
Swiftech MCR-220 Drive radiator Swiftech MCR-220 QP radiator 6xGentle Typhoon AP-15s Archx64 KDE4.5, Windows 7 x64 
MonitorKeyboardPowerCase
Eyefinity 3-head 5265x1050 OCN Ducky!! MX Blue Switches XFX 750W Black Edition Mountain Mods H2gO 
MouseAudioAudioAudio
Razer Naga Asus Xonar Essence STX Sennheiser 595 Sony STR-DE995 A/V receiver 
OtherOther
Lian Li Card flash memory reader Asus PCE-N15 Wifi-N card 
CPUMotherboardGraphicsRAM
AMD 1055T Gigabyte 790 Sapphire 4850x2 2x2GB 1600mHz 
Hard DriveOptical DriveOSKeyboard
A few Yes Vista/7 Das Keyboard 
Power
Ugly 
CPUMotherboardGraphicsRAM
Qualcomm Snapdragon APQ8060 1.2 GHz Something kinda small Qualcomm Adreno core 16GB 
Hard DriveOptical DriveOSMonitor
None N/A WebOS 3.0.2 9.7" XGA, multitouch 
PowerCase
6300mAh Piano Black 
  hide details  
Reply
DD Boxen
(23 items)
 
   
CPUMotherboardGraphicsRAM
Intel Xeon E3-1230 Asus Maximus IV Gene-Z/Gen3 Powercolor 6970 2GB G. Skill 1600mHz Ripjaws 
Hard DriveOptical DriveCoolingCooling
SpinpontF3 1TB, WD 250, and WD320 Lite-On DT Waterblocks DT5Noz Waterblock Swiftech Komodo 6900-1 Waterblock 
CoolingCoolingCoolingOS
Swiftech MCR-220 Drive radiator Swiftech MCR-220 QP radiator 6xGentle Typhoon AP-15s Archx64 KDE4.5, Windows 7 x64 
MonitorKeyboardPowerCase
Eyefinity 3-head 5265x1050 OCN Ducky!! MX Blue Switches XFX 750W Black Edition Mountain Mods H2gO 
MouseAudioAudioAudio
Razer Naga Asus Xonar Essence STX Sennheiser 595 Sony STR-DE995 A/V receiver 
OtherOther
Lian Li Card flash memory reader Asus PCE-N15 Wifi-N card 
CPUMotherboardGraphicsRAM
AMD 1055T Gigabyte 790 Sapphire 4850x2 2x2GB 1600mHz 
Hard DriveOptical DriveOSKeyboard
A few Yes Vista/7 Das Keyboard 
Power
Ugly 
CPUMotherboardGraphicsRAM
Qualcomm Snapdragon APQ8060 1.2 GHz Something kinda small Qualcomm Adreno core 16GB 
Hard DriveOptical DriveOSMonitor
None N/A WebOS 3.0.2 9.7" XGA, multitouch 
PowerCase
6300mAh Piano Black 
  hide details  
Reply
post #49 of 63
Quote:
Originally Posted by steelbom View Post
What argument are you talking about? I made no argument. I simply said, it would've taken weeks, if not months, to develop the hack.
Did you even read the article or you just posting off-topic information? The exploit wasn't found via months of research, it was an exploit of a weak OS.

Quote:
On a most basic level the attack exploited Apple's weak memory protections in OS X Snow Leopard.
Quote:
By contrast, Snow Leopard only supports ASLR and the implementation is badly botched according to hackers.
Quote:
The attack also exploited poor coding in Apple's branch of WebKit, which features many bugs and security flaws.
Quote:
Originally Posted by steelbom View Post
I don't really see that as impressive. Once you've found out a way to execute something to get into a system, it shouldn't take long. And, that's why I wrote what I wrote. Just doesn't seem impressive (on Windows, or OS X) to spend weeks or months to find an exploit and then seconds to execute it.
If I appear to be harping down your throat, I'm not trying to. It seems you have limited skill in coding. 5 seconds relates to nearly a single line of code, a few application clicks, or a terminal command already embedded in OSX. The only things this hacker had access to was what was inside OSX; no pre-made functions were used nor could have been typed up in a mere 5 seconds.
Edited by Domino - 3/17/11 at 6:48pm
post #50 of 63
Quote:
Originally Posted by ESP View Post
What does that have to do with anything? So you're saying that these problems exist for months on end without being fixed?
I would imagine that many of these browser hacks and bugs exist in plugins, so for the most part they would have been there since the plugin was installed.

Then again, this security breach was performed on the first-party software part of Safari, so Apple can't blame anyone else but themselves. And that includes Adobe.
Edited by PhillyOverclocker - 3/17/11 at 6:45pm
My System
(17 items)
 
  
CPUMotherboardGraphicsGraphics
AMD Phenom II X4 955  Gigabyte GA-MA790XT-UD4P Sapphire HD 6950 Sapphire HD 6950 
RAMHard DriveHard DriveOptical Drive
G-Skill Mushkin Callisto Deluxe WD Black LG Supermulti 
CoolingOSKeyboardPower
Rasa Black CPU water block. Rasa X20 pump/res c... Windows 7 Ultimate x64 Deck Legend Fire mechanical with Cherry Black s... Cooler Master Silent Pro Gold 1200W modular PSU. 
CaseMouseAudio
Cooler Master Storm Scout Logitech MX-518 Logitech Wireless headset for gaming and 100w M... 
  hide details  
Reply
My System
(17 items)
 
  
CPUMotherboardGraphicsGraphics
AMD Phenom II X4 955  Gigabyte GA-MA790XT-UD4P Sapphire HD 6950 Sapphire HD 6950 
RAMHard DriveHard DriveOptical Drive
G-Skill Mushkin Callisto Deluxe WD Black LG Supermulti 
CoolingOSKeyboardPower
Rasa Black CPU water block. Rasa X20 pump/res c... Windows 7 Ultimate x64 Deck Legend Fire mechanical with Cherry Black s... Cooler Master Silent Pro Gold 1200W modular PSU. 
CaseMouseAudio
Cooler Master Storm Scout Logitech MX-518 Logitech Wireless headset for gaming and 100w M... 
  hide details  
Reply
New Posts  All Forums:Forum Nav:
  Return Home
  Back to Forum: Technology and Science News
Overclock.net › Forums › Industry News › Technology and Science News › [iSpyce]Apple's OS X is First OS to be Hacked at This Year's Pwn2Own