How long can a Mac survive the hacker jungle?

Summary:Apple's Mac OS X has a date with some of the world's smartest hackers.At this year's CanSecWest 2007 conference in Vancouver, BC, a "PWN to OWN" contest will pit security researchers against a MacBook Pro in an experiment to see how well a default Mac OS X install can survive hacker scrutiny.

Apple's Mac OS X has a date with some of the world's smartest hackers.

At this year's CanSecWest 2007 conference in Vancouver, BC, a "PWN to OWN" contest will pit security researchers against a MacBook Pro in an experiment to see how well a default Mac OS X install can survive hacker scrutiny.

The contest is the brainchild of CanSecWest organizer Dragos Ruiu, who was motivated in part by Apple's general anti-disclosure stance and the Mac commercials that trivializes security to the masses with humor.

"So, let's see how well a default OSX install really does in a room full of security researchers. How long can a default OSX install survive? How much Apple 0day is really floating out there undisclosed?," Ruiu said in an e-mail announcing hte contest.

He describes the contest as a "practical experiement" that makes "a political point."

Ruiu plans to set up two loaded MacBook Pro machines on this own access point with default installs and with the latest security updates applied. "[Hackers] will be able to walk up to it and connect to the AP ethernet or go in over WiFi. If you exploit it, you get to go home with it," Ruiu said.

The contest is limited to one per person (the same vulnerability can't be used twice) and will have certain victory conditions -- SSH connection out of the machine and contents of a file on the hard-drive.

"It will be interesting to see exactly how long they last in the "jungle" as it were. If they last the three days, they become the prizes for best lightning talk and best speaker as selected by the audience," Ruiu said of his "quantitative experiment on the real security of OSX."

CanSecWest is one of the main stops on the annual security conference calendar. It runs from April 18-20, 2007. Scheduled speakers this year include Microsoft's Mark Russinovich, Mozilla's Window Snyder, Symantec's Jim Hoagland, HD Moore of BreakingPoint Systems and Ron Gula from Tenable.

Topics: Apple, Hardware, Security

About

Ryan Naraine is a journalist and social media enthusiast specializing in Internet and computer security issues. He is currently security evangelist at Kaspersky Lab, an anti-malware company with operations around the globe. He is taking a leadership role in developing the company's online community initiative around secure content managem... Full Bio

zdnet_core.socialButton.googleLabel Contact Disclosure

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.