MacBook Air falls in two minutes at PWN 2 OWN

The MacBook Air fell in two minutes at the CanSecWest security conference's PWN 2 OWN.According to Infoworld, Charlie Miller won the $10,000 prize.

The MacBook Air fell in two minutes at the CanSecWest security conference's PWN 2 OWN. According to Infoworld, Charlie Miller won the $10,000 pr

pwn2own.jpg
ize. Under the contest rules, organizers offered Sony Vaio, Fujitsu U810, and the MacBook as prizes. On day 1 no one won because they couldn't hack into the laptops with a zero day attack. The MacBook runs OS X 10.5.2. The Vaio runs on Ubuntu 7.10 and the Fujitsu runs on Vista Ultimate. Those two laptops are still standing, but that may be because there's more hacker glory in taking down the MacBook Air.

On Day 2, the rules are relaxed. Two minutes later Miller had his prize. Miller is the researcher behind the first iPhone hack.

Chatter on Twitter indicates that Miller's winning hack was a browser exploit. However, the Zero Day Initiative owns the code so details were sparse.

Ryan Naraine reports:

The Zero Day Initiative has confirmed the winner. In a post, ZDI said:

At 12:38pm local time, the team of Charlie Miller, Jake Honoroff, and Mark Daniel from Independent Security Evaluators have successfully compromised the Apple MacBook Air, winning the laptop and $10,000 from TippingPoint's Zero Day Initiative.  They were able to exploit a brand new 0day vulnerability in Apple's Safari web browser.  Coincidentally, Apple has just started to ship Safari to some Windows machines, with its iTunes update service. The vulnerability has been acquired by the Zero Day Initiative, and has been responsibly disclosed to Apple who is now working on the issue.  Until Apple releases a patch for this issue, neither we nor the contestants will be giving out any additional information about the vulnerability.

Newsletters

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.
See All
See All