![]() The operating systems will have their attack defenses configured to their default settings. The first day of Pwn2Own’s browser challenge this year will pit researchers against the latest versions of Chrome, Firefox and Internet Explorer 8 (IE) on Windows 7, and Safari on Mac OS X 10.6, aka Snow Leopard. Last year, Firefox, IE and Safari all fell to attack only Google’s Chrome went unscathed. Miller’s bottom line? “I’ll predict that two to three browsers will go down, including Safari for the fourth straight year,” he said. The only difference is that Safari has a bigger attack surface, and includes, for example a PDF reader (Preview) and Flash.” Also, because at Black Hat DC, Dion Blazakis showed how to defeat DEP in browsers. “I say this because Snow Leopard finally has DEP. “Unlike previous years, I’d say Safari isn’t significantly easier than the browsers on Windows,” Miller said today in an e-mail reply to questions about his Pwn2Own plans and predictions. In 2008, Miller won $10,000 by hacking a MacBook Air in under two minutes, again by exploiting a Safari bug.īut he’s not as certain as Portnoy that Apple’s browser will tumble first. ![]() Miller, who works as a principal analyst at Independent Security Evaluators, a security consulting firm, plans to again compete at Pwn2Own and hopes to “three-peat” as a contest winner. In 2009, for example, researcher Charlie Miller hijacked a Mac in less than five seconds through Safari to win $5,000, while a German student knocked down three browsers on Windows to walk off with $15,000. Now in its fourth year, Pwn2Own has made headlines for hacks of Apple’s Mac OS X and Safari, as well as Microsoft’s Windows and that company’s Internet Explorer (IE) browser. ![]() “ be on Snow Leopard, which isn’t on the same level as Windows 7,” he added as he predicted Apple’s browser would crumble when the action starts March 24. “Safari will be the first to go,” said Aaron Portnoy, security research team lead with 3Com TippingPoint, the sponsor of Pwn2Own. Apple’s Safari will be the first browser to fall next month at the Pwn2Own hacking challenge, the contest organizer predicted today.Ī researcher who has won at Pwn2Own the last two years wasn’t so sure.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |