Hahahahah! I can't stop laughing, too funny!
http://www.engadget.com/2008/03/27/pwn-2-own-over-macbook-air-gets-seized-in-2-minutes-flat/
I think its on Day 3 now (3rd-party software is now OK) and Vista and Ubuntu are still standing. OSX got thoroughly owned. So much for more secure
Yeah, I saw that on gizmodo. Good stuff.
I saw that on Engadget earlier in the day. I was somewhat surprised, given that OSX is unix-based, but then I read and saw it was actually Safari at fault. Dunno why Vista/IE is still standing.
And vista fell on the third day, with Linux remaining unhacked.
http://www.engadget.com/2008/03/29/linux-becomes-only-os-to-escape-pwn-2-own-unscathed/
w00t w00t.
So it seems that the most secure OS is Linux followed by Vista followed by OS X - hahahahahaha. I'm still laughing about that one.... ooh boy....
I am too. And it was not IE that made it fall, but Adobe, so I guess Microsoft is starting to do something right now.
I expect UAC helped it out some. Not to mention, I don't think IE usually allows ActiveX controls to execute without explicit approval by default.
The Tari wrote:
I expect UAC helped it out some. Not to mention, I don't think IE usually allows ActiveX controls to execute without explicit approval by default.
The creators indicated that it could be a cross-platform exploit, so you really can't blame Vista/IE for it.
Now, what would be interesting is what you could do with said exploit, as in how far could you compromise the system...
well, you had to be able to access a file on the system if I am not mistaken, and if you can read files, there is a chance you can write to them. If you can write to files, you can do whatever you want then to the system.
rivereye wrote:
well, you had to be able to access a file on the system if I am not mistaken, and if you can read files, there is a chance you can write to them. If you can write to files, you can do whatever you want then to the system.
This may be true for Windows, but it certainly isn't for Linux/OS X. A vast majority of the files on the system are read-only for anyone except the root user...
you do have a point there. Chances are though, that would be the first account targeted also, and once you are there, you are in control. Actually, a Windows Administrator has less power over the computer than the UNIX root if I am not mistaken.
rivereye wrote:
you do have a point there. Chances are though, that would be the first account targeted also, and once you are there, you are in control. Actually, a Windows Administrator has less power over the computer than the UNIX root if I am not mistaken.
Do you have any idea how hard it will be for a regular *nix user to elevate themselves to root level? The windows admin can do all sorts of crazy stuff - most of the checks that prevent the admin from doing things that would harm the computer are done by the programs, not the kernel (eg, just because task manager or explorer doesn't let you kill a process or overwrite a file doesn't mean you don't have permissions - it is THOSE programs that are actually doing the checks.) The admin can even replace the windows kernel and shutdown before windows can correct itself, and then its GG n00b
b-flat wrote:
Indeed. It's only really security by obscurity; they aren't necessarily more secure from a software standpoint.
Register to Join the Conversation
Have your own thoughts to add to this or any other topic? Want to ask a question, offer a suggestion, share your own programs and projects, upload a file to the file archives, get help with calculator and computer programming, or simply chat with like-minded coders and tech and calculator enthusiasts via the site-wide AJAX SAX widget? Registration for a free Cemetech account only takes a minute.
»
Go to Registration page
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
