Hardware 2.0

Adrian Kingsley-Hughes

Apple patches Safari vulnerabilities ahead of Pwn2Own

By Adrian Kingsley-Hughes | March 12, 2010, 9:00am PST

Pwn2Own 2010 is just around the corner, and Apple has taken this opportunity to harden its web browser’s security ahead of the event.

Apple has been left with egg on its face for two years at Pwn2Own, with security researcher Charlie Miller taking only minutes to compromise Mac OS X both in 2008 and 2009, leveraging unpatched flaws in the Safari web browser. This year, the Cupertino giant has shored up the defenses ahead of the event, patching 16 vulnerabilities with the release of Safari 4.0.5.

The last Safari update released by Apple was in November 2009.

Here’s a list of fixes:

  1. ColorSync
    CVE-ID: CVE-2010-0040
    Available for: Windows 7, Vista, XP
    Impact: Viewing a maliciously crafted image with an embedded color profile may lead to an unexpected application termination or arbitrary code execution
    Description: An integer overflow that could result in a heap buffer overflow exists in the handling of images with an embedded color profile. Opening a maliciously crafted image with an embedded color profile may lead to an unexpected application termination or arbitrary code execution. The issue is addressed by performing additional validation of color profiles. This issue does not affect Mac OS X systems. Credit to Sebastien Renaud of VUPEN Vulnerability Research Team for reporting this issue.
  2. ImageIO
    CVE-ID: CVE-2009-2285
    Available for: Windows 7, Vista, XP
    Impact: Viewing a maliciously crafted TIFF image may lead to an unexpected application termination or arbitrary code execution
    Description: A buffer underflow exists in ImageIO’s handling of TIFF images. Viewing a maliciously crafted TIFF image may lead to an unexpected application termination or arbitrary code execution. This issue is addressed through improved bounds checking. For Mac OS X v10.6 systems, this issue is addressed in Mac OS X v10.6.2. For Mac OS X v10.5 systems, this issue is addressed in Security Update 2010-001.
  3. ImageIO
    CVE-ID: CVE-2010-0041
    Available for: Windows 7, Vista, XP
    Impact: Visiting a maliciously crafted website may result in sending data from Safari’s memory to the website
    Description: An uninitialized memory access issue exists in ImageIO’s handling of BMP images. Visiting a maliciously crafted website may result in sending data from Safari’s memory to the website. This issue is addressed through improved memory handling and additional validation of BMP images. Credit to Matthew ‘j00ru’ Jurczyk of Hispasec for reporting this issue.
  4. ImageIO
    CVE-ID: CVE-2010-0042
    Available for: Windows 7, Vista, XP
    Impact: Visiting a maliciously crafted website may result in sending data from Safari’s memory to the website
    Description: An uninitialized memory access issue exists in ImageIO’s handling of TIFF images. Visiting a maliciously crafted website may result in sending data from Safari’s memory to the website. This issue is addressed through improved memory handling and additional validation of TIFF images. Credit to Matthew ‘j00ru’ Jurczyk of Hispasec for reporting this issue.
  5. ImageIO
    CVE-ID: CVE-2010-0043
    Available for: Windows 7, Vista, XP
    Impact: Processing a maliciously crafted TIFF image may lead to an unexpected application termination or arbitrary code execution
    Description: A memory corruption issue exists in the handling of TIFF images. Processing a maliciously crafted TIFF image may lead to an unexpected application termination or arbitrary code execution. This issue is addressed through improved memory handling. Credit to Gus Mueller of Flying Meat for reporting this issue.
  6. PubSub
    CVE-ID: CVE-2010-0044
    Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.1 or later, Mac OS X Server v10.6.1 or later, Windows 7, Vista, XP
    Impact: Visiting or updating a feed may result in a cookie being set, even if Safari is configured to block cookies
    Description: An implementation issue exists in the handling of cookies set by RSS and Atom feeds. Visiting or updating a feed may result in a cookie being set, even if Safari is configured to block cookies via the “Accept Cookies” preference. This update addresses the issue by respecting the preference while updating or viewing feeds.
  7. Safari
    CVE-ID: CVE-2010-0045
    Available for: Windows 7, Vista, XP
    Impact: Visiting a maliciously crafted website may lead to arbitrary code execution
    Description: An issue in Safari’s handling of external URL schemes may cause a local file to be opened in response to a URL encountered on a web page. Visiting a maliciously crafted website may lead to arbitrary code execution. This update addresses the issue through improved validation of external URLs. This issue does not affect Mac OS X systems. Credit to Billy Rios and Microsoft Vulnerability Research (MSVR) for reporting this issue.
  8. WebKit
    CVE-ID: CVE-2010-0046
    Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.1 or later, Mac OS X Server v10.6.1 or later, Windows 7, Vista, XP
    Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution
    Description: A memory corruption issue exists in WebKit’s handling of CSS format() arguments. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution. This issue is addressed through improved handling of CSS format() arguments. Credit to Robert Swiecki of Google Inc. for reporting this issue.
  9. WebKit
    CVE-ID: CVE-2010-0047
    Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.1 or later, Mac OS X Server v10.6.1 or later, Windows 7, Vista, XP
    Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution
    Description: A use-after-free issue exists in the handling of HTML object element fallback content. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution. This issue is addressed through improved memory reference tracking. Credit to wushi of team509, working with TippingPoint’s Zero Day Initiative, for reporting this issue.
  10. WebKit
    CVE-ID: CVE-2010-0048
    Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.1 or later, Mac OS X Server v10.6.1 or later, Windows 7, Vista, XP
    Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution
    Description: A use-after-free issue exists in WebKit’s parsing of XML documents. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution. This issue is addressed through improved memory reference tracking.
  11. WebKit
    CVE-ID: CVE-2010-0049
    Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.1 or later, Mac OS X Server v10.6.1 or later, Windows 7, Vista, XP
    Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution
    Description: A use-after-free issue exists in the handling of HTML elements containing right-to-left displayed text. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution. This issue is addressed through improved memory reference tracking. Credit to wushi&Z of team509 for reporting this issue.
  12. WebKit
    CVE-ID: CVE-2010-0050
    Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.1 or later, Mac OS X Server v10.6.1 or later, Windows 7, Vista, XP
    Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution
    Description: A use-after-free issue exists in WebKit’s handling of incorrectly nested HTML tags. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution. This issue is addressed through improved memory reference tracking. Credit to wushi&Z of team509 working with TippingPoint’s Zero Day Initiative for reporting this issue.
  13. WebKit
    CVE-ID: CVE-2010-0051
    Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.1 or later, Mac OS X Server v10.6.1 or later, Windows 7, Vista, XP
    Impact: Visiting a maliciously crafted website may lead to the disclosure of sensitive information
    Description: An implementation issue exists in WebKit’s handling of cross-origin stylesheet requests. Visiting a maliciously crafted website may disclose the content of protected resources on another website. This update addresses the issue by performing additional validation on stylesheets that are loaded during a cross-origin request.
  14. WebKit
    CVE-ID: CVE-2010-0052
    Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.1 or later, Mac OS X Server v10.6.1 or later, Windows 7, Vista, XP
    Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution
    Description: A use-after-free issue exists in WebKit’s handling of callbacks for HTML elements. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution. This issue is addressed through improved memory reference tracking. Credit: Apple.
  15. WebKit
    CVE-ID: CVE-2010-0053
    Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.1 or later, Mac OS X Server v10.6.1 or later, Windows 7, Vista, XP
    Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution
    Description: A use-after-free issue exists in the rendering of content with a CSS display property set to ‘run-in’. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution. This issue is addressed through improved memory reference tracking. Credit to wushi of team509, working with TippingPoint’s Zero Day Initiative for reporting this issue.
  16. WebKit
    CVE-ID: CVE-2010-0054
    Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.1 or later, Mac OS X Server v10.6.1 or later, Windows 7, Vista, XP
    Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution
    Description: A use-after-free issue exists in WebKit’s handling of HTML image elements. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution. This issue is addressed through improved memory reference tracking. Credit: Apple.
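
An added example, not part of the original article or Apple's advisory: a short Python triage script that parses entries in the layout used in the list above and orders them for patch prioritisation per platform. The severity buckets, bug-class keywords and function names are this example's assumptions, and the sample input is a constructed subset of the list with shortened descriptions.

```python
import re

# Constructed sample: four entries from the list above, descriptions shortened
# and apostrophes straightened. The layout matches the article's list.
SAMPLE = """\
  1. ColorSync
    CVE-ID: CVE-2010-0040
    Available for: Windows 7, Vista, XP
    Impact: Viewing a maliciously crafted image with an embedded color profile may lead to an unexpected application termination or arbitrary code execution
    Description: An integer overflow that could result in a heap buffer overflow exists in the handling of images with an embedded color profile.
  3. ImageIO
    CVE-ID: CVE-2010-0041
    Available for: Windows 7, Vista, XP
    Impact: Visiting a maliciously crafted website may result in sending data from Safari's memory to the website
    Description: An uninitialized memory access issue exists in ImageIO's handling of BMP images.
  6. PubSub
    CVE-ID: CVE-2010-0044
    Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.1 or later, Mac OS X Server v10.6.1 or later, Windows 7, Vista, XP
    Impact: Visiting or updating a feed may result in a cookie being set, even if Safari is configured to block cookies
    Description: An implementation issue exists in the handling of cookies set by RSS and Atom feeds.
  9. WebKit
    CVE-ID: CVE-2010-0047
    Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.1 or later, Mac OS X Server v10.6.1 or later, Windows 7, Vista, XP
    Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution
    Description: A use-after-free issue exists in the handling of HTML object element fallback content.
"""

ENTRY_START = re.compile(r"^\s*(\d+)\.\s+(\S.*)$")
FIELD = re.compile(r"^\s*(CVE-ID|Available for|Impact|Description):\s*(.*)$")

# Phrases used in the descriptions, checked in order. These buckets are an
# assumption of this example, not Apple's own taxonomy.
BUG_CLASSES = [
    "use-after-free",
    "integer overflow",
    "buffer underflow",
    "uninitialized memory",
    "memory corruption",
]


def parse_entries(text):
    """Split the list into one dict per numbered entry."""
    entries, current, last_key = [], None, None
    for line in text.splitlines():
        field = FIELD.match(line)
        start = ENTRY_START.match(line)
        if field and current is not None:
            last_key = field.group(1)
            current[last_key] = field.group(2).strip()
        elif start:
            current = {"item": int(start.group(1)), "component": start.group(2).strip()}
            entries.append(current)
            last_key = None
        elif line.strip() and current is not None and last_key:
            # A field wrapped onto the next line: join it back on.
            current[last_key] += " " + line.strip()
    return entries


def bug_class(description):
    low = description.lower()
    for name in BUG_CLASSES:
        if name in low:
            return name
    return "logic/implementation"


def severity(impact):
    """Return (rank, label); a lower rank is patched first."""
    low = impact.lower()
    if "arbitrary code execution" in low:
        return 0, "code-execution"
    if "sending data from" in low or "disclos" in low:
        return 1, "info-disclosure"
    return 2, "other"


def triage(text):
    rows = []
    for entry in parse_entries(text):
        if "CVE-ID" not in entry:
            continue  # malformed entry, nothing to track
        rank, label = severity(entry.get("Impact", ""))
        platforms = entry.get("Available for", "")
        rows.append({
            "item": entry["item"],
            "cve": entry["CVE-ID"],
            "component": entry["component"],
            "severity": label,
            "rank": rank,
            "bug_class": bug_class(entry.get("Description", "")),
            "mac_affected": "Mac OS X" in platforms,
            "windows_affected": "Windows" in platforms,
        })
    rows.sort(key=lambda r: (r["rank"], r["item"]))
    return rows


def needs_patch(rows, platform):
    """CVE IDs relevant to hosts on 'mac' or 'windows', highest priority first."""
    key = {"mac": "mac_affected", "windows": "windows_affected"}[platform]
    return [r["cve"] for r in rows if r[key]]


if __name__ == "__main__":
    for row in triage(SAMPLE):
        print(row["cve"], row["component"], row["severity"], row["bug_class"])
```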

Safari 4.0.5 is available for download from Apple’s website, and applies to Windows XP, Vista and 7, and Mac OS X 10.4, 10.5 and 10.6.

Disclosure

All opinions expressed on Hardware 2.0 are those of Adrian Kingsley-Hughes. Every effort is made to ensure that the information posted is accurate. If you have any comments, queries or corrections, please contact Adrian via the email link here. Any possible conflicts of interest will be posted below. [Updated: February 23, 2010] - Adrian Kingsley-Hughes has no business relationships, affiliations, investments, or other actual/potential conflicts of interest relating to the content posted so far on this blog.

Biography

Adrian Kingsley-Hughes is an internationally published technology author who has devoted over a decade to helping users get the most from technology -- whether that be by learning to program, building a PC from a pile of parts, or helping them get the most from their new MP3 player or digital camera.

Adrian has authored/co-authored technical books on a variety of topics, ranging from programming to building and maintaining PCs. His most recent books include "Build the Ultimate Custom PC", "Beginning Programming" and "The PC Doctor's Fix It Yourself Guide". He has also written training manuals that have been used by a number of Fortune 500 companies.

Adrian also runs a popular blog under the name The PC Doctor, where he covers a range of computer-related topics -- from security to repairing and upgrading.

64 Comments

Too bad....
Cyrorm1 12th Mar 2010
It's too bad that it takes a competition like this to get browser makers to fix errors in their application. Yes, I know, they all patch all year round, but you have to admit that it's more than just a coincidence that 16 were patched in one browser so close to the competition. Even Mozilla kinda patched by releasing 3.6 this week. The worst part is that the contest requires them to use a previously unknown flaw to break the browser/OS so even though Safari has been updated, it was only the known vulnerabilities it fixed so it won't even help them in the competition.

But I suppose it really makes no difference that they patched now versus patching all along, just so long as they actually patch the holes.
0 Votes
Well reasoned rational comments...
BubbaJones_ 12th Mar 2010
From what I remember reading, yes it took them a few minutes to
break in. What is forgotten is he spent many months to find a
vulnerability then find a way to bypass it.

For the contest, the person walks in applies what he worked on for
many months then wins. So, in my way of thinking it wasn't
compromised in a few minutes. Truthfully, it took him a few minutes
to apply what he worked on for many months.

That is not any different than an engineer given a problem to solve
where much time is spent solving it. To the person receiving the fix it
appears it only takes a few minutes; walkup enter some stuff bam
fixed. We all know that isn't what happens.
0 Votes
Time to break
Cyrorm1 12th Mar 2010
You're right, it can take them months to find a vulnerability and exploit it. But as I recall the reason the MAC system was targeted was because, according to Miller, it was easier to find the vulnerability in the MAC OS/software than it was in the Windows environment. That coupled with the fact that Apple pays significantly less for vulnerabilities than Mozilla and Microsoft that most researchers don't spend near the same amount of time on the MAC OS. The ROI just isn't there. All involved in the competition last year agreed that all the browsers had issues that needed to be fixed, but they also agreed that it was easier to break the MAC due to poor underlying OS security to mitigate the holes in the browsers.
0 Votes
Hi Cyrom1, yes I recall them saying that..
BubbaJones_ 12th Mar 2010
thank you for reminding me. On the Mac for exploits the ROI isn't
there, however, at some point in time it well may be.

Though I could be incorrect, being as there are many exploits to
Windows it appears an easier target than Mac for both professional
hackers and script-kiddies. To me that doesn't indicate a better ROI
rather easier to disrupt.

Of course MS provides patches that folks are not installing. Myself, I
know many folks that say, "my system runs okay, I will not patch it
might break something". May be the reason so many are caught in a
bot and the like perhaps.

From my mind's eye, every OS has vulnerabilities, known and yet to be
known; hindsight is 20/20. Though sometimes belated, I'm pleased
Apple and MS provide patches. Vulnerabilities and patches will never
end.

Yes, I use both Mac and Windows; much prefer Mac.
0 Votes
Mac, not MAC. It isn't an acronym. [nt]
WarhavenSC 12th Mar 2010
nt
0 Votes
It is too MacIntosh Always Crash
DevGuy_z 12th Mar 2010
Or MACINTOSH: Mac Always Crash If Not OS Hang happy

Actually I like Mac - hardware.
0 Votes
Cyrorm1
Axsimulate 15th Mar 2010
MAC=Media Access Control
It is a unique identifier assigned to network adapters or network interface cards for identification and used in the Media Access Control protocol sub-layer.

Mac=Short for Macintosh
A type of computer.

Big difference.
0 Votes
Well...
Jkirk3279 16th Mar 2010
I read the interview with Mr. Miller.

He said that the vulnerability he found would apply to
any browser other than Chrome.

Which I found very interesting.

The real reason he targeted the Mac, was the prize:
he's a Mac user and wanted to win the laptop.

If he'd wanted a Linux laptop, he would have gone after
that one.
0 Votes
That seems to be the thread of all of today's blogs... happy
Typical Apple - it's all about image and not about what is best for their users. To Apple, security vulnerabilities is a PR problem, not a technical problem.

And does anyone really think that they only became aware of this long list of vulnerabilities in the last week or two? If you really believe that, you might want to pull your head out of the Kool-Aid bowl to let your brain get some oxygen...
0 Votes
last week or two
Cyrorm1 12th Mar 2010
Although I agree that it is a coincidence that they just happen to patch so close to the contest, who is to say that they haven't been working for months to fix these holes and they just finished quality checking these fixes to ensure they don't break anything. At least the holes are fixed, however they are going to have a large amount of egg on their face if their browser is still the first one compromised again.
0 Votes
First one doesn't mean much.
ye 12th Mar 2010
Apple was first to fall in last year's contest merely because of the way participants happened to be drawn from a random selection.
0 Votes
random selection
Cyrorm1 12th Mar 2010
I suppose you are right, though if you look at the comments of the contestants, 2/3 planned on bringing MAC down if they were selected first. No one knows for sure if it was because MAC was easier to exploit or if it was because the money + the MAC was the better prize last year.
...focusing on it instead of an alternative. If the alternatives were easier the difference in value of the Mac over the PC (if it exists) wouldn't have been sufficient to warrant spending effort on the Mac.
0 Votes
Limit to one prize?
WarhavenSC 12th Mar 2010
I forget the actual rules, but are they limited to one prize? Or do they keep every computer they pwn?
0 Votes
Publicity is everything!
The Danger is Microsoft 15th Mar 2010
Bet Win 7 falls first. Just because.
0 Votes
If I remember correctly
rtk 12th Mar 2010
Nobody won on day one, where the prize money was 10 instead of 5 grand. The difference would have paid for a Mac with plenty of change left over.
0 Votes
Yes...
Jkirk3279 16th Mar 2010
.. but Day 1 is HARD. You have to win by affecting the
computer without touching it or tricking the user into
going to a trapped website.

Nobody's won that in a while.
0 Votes
Not according to Charlie Miller
DevGuy_z 12th Mar 2010
He said the Mac was easier to hack. And he's done this two years in a row. He is also predicting this year he will win.

In an interview, he basically said it is all about the money vs. the effort. So for him he targets the really easy stuff. The harder stuff he can get more money by going directly to the affected company so it isn't worth his time at the contest.

He specifically mentioned the lack of address randomization and dep in OS-X as to why Safari was so easy to hack. Keep in mind that QuickTime was an easy target too. I think that's how Windows fell in the first pwn2own.
...it doesn't matter which one was hacked first. I understand Mr. Miller stated the Mac was easier. But he didn't sit down when it was his turn at the competition and develop the exploit. It was developed in advance. Thus the fact he sat down before Nils was the only reason the Mac fell first. Not because it was easier. Had Nils sat down before Mr. Miller and performed his exploit against Windows then Windows would have fallen first...despite the Mac being easier.

So the fact the Mac fell first doesn't say much given the nature of the contest.
Even if it was developed offline because easy hacks take less time. Heap spraying attacks have to attack multiple fronts to pwn a system. So complex attacks may take much longer to pull off.

I probably need to check but I'm pretty sure the reason Charlie won is because he had the fastest time. IOW the contest values how much time it takes to hack a system.

He's won 2 years in a row and he is predicting he will win again. Hard to if random.
0 Votes
More like...
Rick_K 13th Mar 2010
Headline hogging, and glory grabbing. I have said this many times, so
I stand by what I say. Charlie Miller is nothing more than a glory
hound, and a scumbag. He's not interested in what is right or wrong,
but in stroking his own ego. When a "researcher" finds a vulnerability
and reports it, that is responsible reporting. If the company ignores it,
then by all means the researcher should publish the vulnerability. But
to ambush a company in a very public manner is a true sign of one's
intentions. There was a recent article about a software vendor that left
a reported vulnerability sit for something like 17 years. The idea of
keeping a vulnerability "in your pocket" just to make a vendor look
bad, shows a lack of ethics. It is not about the company being
arrogant, but the researcher (Charlie Miller) having a lack of ethics.
When you put your own ego above all else, you have more issues than
those you are seeking to embarrass.
0 Votes
Hmmm....reads like you agree. Win 7 will go down! (NT)
The Danger is Microsoft 15th Mar 2010
NT
0 Votes
No, you don't understand
DevGuy_z 15th Mar 2010
He normally makes money and turns this stuff in.

He isn't trying to make Apple look bad. He doesn't get much for an exploit at pwn2own, so he goes for easy stuff. If it is a tough exploit he goes directly to MS or Apple and they pay him more money.

He states that he wouldn't try IE because what he gets isn't worth the effort. He could get more $$ from MS.
0 Votes
RE:More like..
joe6pack_z 15th Mar 2010
more sour grapes from yet another Apple apologist.
0 Votes
Ethics
Jkirk3279 16th Mar 2010
Charlie Miller has ethics.

And his ethic is "No Free Bugs".

You either pay him or face embarrassment at
PWN2OWN.

The guy has talent, no question. But he's trying to
make a living based on some unfriendly tactics.

Note: I define "friendly" as notifying the company and
offering them the fix in return for, say, an Apple
Fellowship.
0 Votes
And the fastest (shortest time)
DevGuy_z 12th Mar 2010
NT
0 Votes
Um it is what wins the contest.
DevGuy_z 15th Mar 2010
Fastest time wins. More complex hacks take more time (heap spraying) and usually hitting multiple vulnerabilities to fully pwn a system.

And besides Charlie Miller has said repeatedly that Macs are easier to hack. And he has said why - they don't have the same protections that Windows now has. I'm sure he would say that IE6 is easy to hack too.
0 Votes
But your point is taken. Which one goes down first does not matter. I would say that which one goes down in the shortest time does matter.
0 Votes
Lame.
0 Votes
lame?
Cyrorm1 12th Mar 2010
I know you are an advocate for Linux, and I too enjoy the OS, however I don't see it as lame to not include a platform that no specific distribution has more than a 1% market share, especially when the hundreds (thousands?) of distros combined make up barely over 1% of desktop usage. If this were for servers instead of home PCs/Laptops you would have a significant reason to complain, but as it is not the case anything more than a simple desire to see your preferred OS join the ranks would likely come off as "lame".
0 Votes
It is clear that Linux will win over OSX and Windows
DTS Linux Advocate 12th Mar 2010
This isn't about market share.

This is about obvious 'avoidance' of challenging a superior operating system--Linux.

It would be simple enough to include say Ubuntu Linux 9.10 ootb and put it to the test.

This is an intentional omission.
0 Votes
No it is about $$
DevGuy_z 12th Mar 2010
These guys earn money for their hacks sometimes on the order of $50,000. Who ends up paying? Apple and Microsoft and other vendors. In the case of pwn2own they get some hardware too. But these guys make money day in and day out by finding vulnerabilities.

So what Charlie Miller targets has to do with what will earn him money. If it is too much work for the money he won't do it. His strength is finding vulnerabilities; other winners like Nils are better at exploiting.

So with Linux there isn't any money in it. If the Linux Foundation offered the conference the money they would offer it to the contestants and if it was adequate they would do the work. Keep in mind that OS-X is based on BSD which some feel is more secure than Linux.

Keep in mind that Linux servers are hacked all the time. That's why you get patches to plug vulnerabilities, if you didn't and somebody wanted to create an exploit they would be able to hack you. On desktop systems the easiest way is through the browser - the user does the work sometimes by simply clicking on an ad. With servers they are just there and so you just beat on them with bad packets, ports, DOS and other techniques.
0 Votes
So, how are you going to bang on that? With a hammer?

Seriously, these guys are 'shooting fish in a barrel' with OSX and Windows.

Linux servers aren't hacked all the time. When configured appropriately, a Linux server is generally impervious to compromise. It's a matter of competence when setting up Linux.

With OSX and Windows, the ability to fuzz an unchanging kernel makes finding chinks fairly straightforward.

Linux, its drivers and Apps are updated on a daily/hourly basis so the opportunity for attack is minimal. Add to that Ubuntu Linux runs with Linux Security Module AppArmor and it becomes exceedingly difficult for privilege escalation to occur.

A local user directory might be readable/writeable but no 0wnage will result.

Sorry.
0 Votes
absolutely nothing is
rtk 12th Mar 2010
impervious to compromise.

You're doing a disservice to the Linux community with these kinds of statements.
0 Votes
You need to read more.
DevGuy_z 12th Mar 2010
I've read plenty where various Companies networks linux servers have been compromised.

And as far as stuff being patched within hours you're drinking Kool-Aid.

AppArmor doesn't apply to everything.

In short, compromise is happening, not so much on the desktop but at the servers.
0 Votes
Very few servers run in OOTB state.
DevGuy_z 12th Mar 2010
NT
0 Votes
You're wasting your time
Cylon Centurion 12th Mar 2010
You can throw all the evidence you want at him, but he'll still say otherwise.
0 Votes
Ooopps! You clicked on the wrong link.
The Danger is Microsoft Updated - 15th Mar 2010
Now run your virus checker. If you don't have one click here:

http://www.meetup.com/Bay-Area-Beagles/
0 Votes
intentional omission.
Cyrorm1 12th Mar 2010
Everyone is entitled to their opinion. I feel this is an omission of relevance. I have no doubt that Ubuntu ootb is secure and most likely will hold up better than say Vista ootb (have not used Win7 yet so I won't comment on it), however since it isn't a major player in the desktop OS environment there is little to nothing to be gained from testing it as most that are truly interested in this contest know what Ubuntu is and its security model. *nix gets its day as a mobile phone OS which will be tested this year so perhaps that will gain it some notoriety and grow the market share in the desktop environment thus making it a more relevant OS to include in the contest next year.
0 Votes
superior operating system
Cyrorm1 12th Mar 2010
Superior security != superior usability

Everyone must weigh the pros with the cons on the OS they choose. The usability issue is why Windows and MAC OSX are still beating the daylights out of Linux distros in the desktop and laptop environments currently. I'm sure someday Linux will surpass either MAC or Windows, but it's anyone's guess as to when that will be. Perhaps if you talk about the good points, besides security, and stop bashing everyone else's personal choice of OS they will consider at least trying a Linux distro instead of writing it off completely due to the attitude of one user.
0 Votes
Everything else is just talking around the point.
0 Votes
Sorry
Cyrorm1 12th Mar 2010
Some people feel being able to use the equipment is more important than the security of the OS. Don't get me wrong, I have no doubt that more and more people will move to the "more secure" environment that is inherent in the Linux distros, but to get people to move in droves, it's going to require more than just security. People want to be able to use the applications they've paid for and they want to use what's familiar to them. Even you have to admit that it's more difficult to use a Windows or MAC based application in any Linux distro than in their native OS environment. That is the issue that Linux has to contend with, not that it isn't a good OS with great security, but rather that people are resistant to change for the sake of security they can't see that they need. As proof I offer up the millions of infected Windows systems that people simply don't care enough about security to move to another OS, let alone simply patch the one they are using.
0 Votes
Rationalization
DTS Linux Advocate 12th Mar 2010
You are repeating the usual sound bites that traditional arguers make in favor of their respective O/S.

Truth is, Linux has everything a Windows or OSX user needs and NONE of the security issues.

And Linux offers more functionality than any other O/S.
0 Votes
Everything?
Cyrorm1 Updated - 12th Mar 2010
So when did PS elements come out for Linux? Or are you assuming Wine or some other emulator works perfect and doesn't add more steps in for people who don't even know what an emulator is?

Edit:

You assume that the average Windows or MAC users isn't inept to doing anything more than point and click. Adding more steps to the equation to use an application that works fine in their current OS and more than likely is at least a little buggy in an emulator like Wine is what prevents Linux from gaining significant ground in the OS market. That's not necessarily a fault of Linux, but a fault of the manufacturers of the application if it truly is a fault at all. But it is most definitely the biggest hurdle that Linux has and it doesn't appear to be going away anytime soon. I'm not bashing Linux, I enjoy Ubuntu personally, but then again I know what I'm doing with the OS and I don't mind a few extra steps now and then, aka I'm not a typical Windows or MAC user.
0 Votes
re: Linux Has Everything
WarhavenSC 12th Mar 2010
Except, well, native and mostly-trouble-free releases of just about every major game on the market.
0 Votes
That's what they said about the Mac
DevGuy_z 12th Mar 2010
People used to boast about how secure Macs were. One guy gave a challenge and put a fully patched Mac outside a firewall and it fell in 30 minutes. Then 2 years running it was the first to crash.

According to Gartner Group IT polls, did you know that Windows Servers have very close to the same uptime as Linux? And they pointed out the difference was more due to reboots after patching (I freely admit the superiority of Linux here, you just don't reboot as much after patching) than any other form of downtime. Server crashes or compromise.
