
[iSpyce]Apple's OS X is First OS to be Hacked at This Year's Pwn2Own - Page 6

post #51 of 63
Quote:
Originally Posted by ESP;12772480 
What does that have to do with anything? So you're saying that these problems exist for months on end without being fixed?
People were saying "wow 5 seconds", which I wasn't impressed by. I posted my opinion, honestly, I don't really care.
Quote:
Originally Posted by Domino;12772629 
Did you even read the article or are you just posting off-topic information? The exploit wasn't found via months of research, it was an exploit of a weak OS.
Quote:
If I appear to be harping down your throat, I'm not trying to. It seems you have limited skill in coding. 5 seconds relates to nearly a single line of code, a few application clicks, or a terminal command already embedded in OSX. The only things this hacker had access to were what was inside OSX; no pre-made functions were used nor could have been typed up in a mere 5 seconds.
I do not have "limited skill in coding"... let's look at a more detailed quote, hey?
Quote:
First up, and first to fall, was Safari 5.0.3 on fully-patched Mac OS X 10.6.6. French security firm VUPEN was first to attack the browser, and five seconds after the browser visited its specially-crafted malicious web page, it had both launched the platform calculator application (a standard harmless payload to demonstrate that arbitrary code has been executed) and wrote a file to the hard disk (to demonstrate that the sandbox had been bypassed).

He didn't write that web page in five seconds... as I said, these hacks must have been researched and then coded.
Quote:
Speaking afterwards, VUPEN co-founder Chaouki Bekrar said that the exploit was somewhat difficult to pull off—and not because WebKit, the rendering engine that's at the heart of both Safari and Chrome, is lacking in vulnerabilities. Rather, exploitation was complicated by the fact that exploit techniques for 64-bit Safari are not widely documented. The techniques that the researchers used to bypass operating system protections like Data Execution Prevention (DEP) and Address Space Layout Randomization (ASLR) are well-known, but the specific use and adaptation of these techniques on 64-bit Safari is unusual and required developing tools and attack code from scratch. Per the rules of the competition, full details of the pwn2own attacks, including the bypass techniques, won't be published until vendors have issued patches. Bekrar said that in total, a team of three researchers took two weeks to assemble the successful exploit.

It took how long? A team of three researchers took two weeks? Link...

Anyway... I don't really care about this.
post #52 of 63
Quote:
Originally Posted by steelbom;12772903 
People were saying "wow 5 seconds", which I wasn't impressed by. I posted my opinion, honestly, I don't really care.

I do not have "limited skill in coding"... let's look at a more detailed quote, hey?

He didn't write that web page in five seconds... as I said, these hacks must have been researched and then coded.

It took how long? A team of three researchers took two weeks? Link...

Anyway... I don't really care about this.

Just saying man, I think everyone acknowledges that it took more than 5 seconds to code the hack, 5 seconds seems pretty fast to me for execution.
    
post #53 of 63
Quote:
Originally Posted by Nick529;12773058 
Just saying man, I think everyone acknowledges that it took more than 5 seconds to code the hack, 5 seconds seems pretty fast to me for execution.
Yeah, but I was just pointing out or placing emphasis on the fact it took a long time to code / research, it takes away from the "awe" factor, at least for me. Would've probably written the same thing even if it was Windows 7.
post #54 of 63
When Apple fails, I smile.
post #55 of 63
Quote:
Originally Posted by steelbom;12772903 
I do not have "limited skill in coding"... let's look at a more detailed quote, hey?

He didn't write that web page in five seconds... as I said, these hacks must have been researched and then coded.
Quote:
Originally Posted by steelbom;12773101 
Yeah, but I was just pointing out or placing emphasis on the fact it took a long time to code / research, it takes away from the "awe" factor, at least for me. Would've probably written the same thing even if it was Windows 7.

Again, did you read the article?
Quote:
Microsoft, more popular and more commonly attacked, includes two critical types of memory protection -- data execution prevention and robust address space layout optimization (ASLR) -- both of which attempt to prevent memory injection attacks. By contrast, Snow Leopard only supports ASLR and the implementation is badly botched according to hackers.

There is an extended quote for you. However, all you needed to know is what was previously quoted. ASLR is the fundamental of protection in memory exploits for OSX. Regardless if he had previously coded or not, it took a few clicks to get through ASLR. Any coder understands this. Months of research is not needed. You can actually learn this in a single sitting.

Have you used any other browser outside of Safari? The web browser Chrome protects against this better than the entire fundamentals of OSX in terms of memory exploitation. The moment there is anything attempting to run in the background, Chrome finds it and stops it before it ever reaches your memory. Sadly, OSX can't do this, and hasn't....for 4 years.

The fact of the matter is, the moment you get hit on OSX, you're toast. Better go grab Chrome if you're browsing the interwebz.
Edited by Domino - 3/17/11 at 7:41pm
post #56 of 63
Quote:
Originally Posted by Domino;12773157 
Again, did you read the article?
Yeah, I did... did you read what I quoted? I think not, or at least not very well.
Quote:
There is an extended quote for you. However, all you needed to know is what was previously quoted. ASLR is the fundamental of protection in memory exploits for OSX. Regardless if he had previously coded or not, it took a few clicks to get through ASLR. Any coder understands this. Months of research is not needed. You can actually learn this in a single sitting.
I read that quote already. Applying those techniques to bypass ASLR with 64-bit Safari isn't as simple as that.

You said:
Quote:
Did you even read the article or are you just posting off-topic information? The exploit wasn't found via months of research, it was an exploit of a weak OS.
It was found via weeks of research and re-writing tools to get in through Safari, that was my point.

Months of research not needed? A few clicks to get through? Not quite, read my quote again:
Quote:
Rather, exploitation was complicated by the fact that exploit techniques for 64-bit Safari are not widely documented. The techniques that the researchers used to bypass operating system protections like Data Execution Prevention (DEP) and Address Space Layout Randomization (ASLR) are well-known, but the specific use and adaptation of these techniques on 64-bit Safari is unusual and required developing tools and attack code from scratch.
The point of my reply to you, was that it DID take weeks to research this and to code it. That was my point, and I have proved it.
Quote:
Have you used any other browser outside of Safari? The web browser Chrome protects against this better than the entire fundamentals of OSX in terms of memory exploitation. The moment there is anything attempting to run in the background, Chrome finds it and stops it before it ever reaches your memory. Sadly, OSX can't do this, and hasn't....for 4 years.

The fact of the matter is, the moment you get hit on OSX, you're toast. Better go grab Chrome if you're browsing the interwebz.
I use Safari and regularly use Chrome too, I'm typing on Chrome right now, in fact.

The security expert says clearly here that the reason they found the exploit difficult wasn't because there aren't many vulnerabilities in WebKit, which both Chrome and Safari use, but rather because Safari is 64-bit.
Quote:
Speaking afterwards, VUPEN co-founder Chaouki Bekrar said that the exploit was somewhat difficult to pull off—and not because WebKit, the rendering engine that's at the heart of both Safari and Chrome, is lacking in vulnerabilities.

The reason Chrome wasn't hacked was because the guy withdrew because the cash prize was off the table, as his exploit was patched in the latest version of Chrome, but not in the version the competition was using. He'd have gotten the machine, but not the cash prize.
post #57 of 63
Yes, some of the best hackers in the world who prepared for a hacking event made a tool to hack Safari in 5 seconds, but how often does this happen to OSX/Safari on a regular day compared to how often Windows/IE gets hacked?
post #58 of 63
Quote:
Originally Posted by L D4WG;12774290 
Yes, some of the best hackers in the world who prepared for a hacking event made a tool to hack Safari in 5 seconds, but how often does this happen to OSX/Safari on a regular day compared to how often Windows/IE gets hacked?

All that is needed is for the guide or a script to be laid out and the kiddies can go at it. No different than with Windows. This is really where the tides will turn when they will either include or focus exclusively on exploiting Macs.

Again. Apple preys on the hopes and ignorance of a user. They're the greatest hackers in terms of number of victims. If someone doesn't want to protect themselves I don't have to feel pity for them when they get hurt.
     
post #59 of 63
OSX doesn't get viruses.

OSX is easily compromised through programming flaws.

Lol it doesn't matter though cause marketshare xD

OSX ftw.


If someone downloads kanyewest.exe off of limewire (or whatever the current easymode pirating software is) and the malware isn't written for OSX of course they'll think they're more secure.

But using that as an argument in OSX's favor is naive and juvenile. Computers are tools that most people just don't know how to maintain. There's nothing wrong with these people, they provide a business for small town computer shops. They provide business for Best Buy et al.

Which OS is more secure is really not very important for consumers, which is exactly what OSX is designed for. Security is vastly more important in serverware, where hackers and malware can create big problems for corporations and for private info.

Sure, someone may have saved their credit card info, or personal identifying information on their computer, and that could be accessed by a hacker, but I don't believe that is a statistically significant number of people.

These contests do help programmers identify flawed code, and that's very important, but the whole debate about who's better really doesn't have any purpose other than the old "my wiener is bigger than yours" debate.
post #60 of 63
Quote:
Originally Posted by Monkey92;12774675 
OSX doesn't get viruses.

OSX is easily compromised through programming flaws.

Lol it doesn't matter though cause marketshare xD

OSX ftw.


If someone downloads kanyewest.exe off of limewire (or whatever the current easymode pirating software is) and the malware isn't written for OSX of course they'll think they're more secure.

But using that as an argument in OSX's favor is naive and juvenile. Computers are tools that most people just don't know how to maintain. There's nothing wrong with these people, they provide a business for small town computer shops. They provide business for Best Buy et al.

Which OS is more secure is really not very important for consumers, which is exactly what OSX is designed for. Security is vastly more important in serverware, where hackers and malware can create big problems for corporations and for private info.

Sure, someone may have saved their credit card info, or personal identifying information on their computer, and that could be accessed by a hacker, but I don't believe that is a statistically significant number of people.

These contests do help programmers identify flawed code, and that's very important, but the whole debate about who's better really doesn't have any purpose other than the old "my wiener is bigger than yours" debate.

So this made me wonder how difficult botnetting and using compromised Macs would be for server attacks and other large scale malicious activities.
     