IE8, Safari and Firefox fall at Pwn2Own 2010

IE8, Safari and Firefox fall at Pwn2Own 2010

Summary: Internet Explorer 8, Safari and Firefox web browsers have all fallen victim to a PWNAGE at this years Pwn2Own 2010 security contest.

SHARE:

Internet Explorer 8, Safari and Firefox web browsers have all fallen victim to a PWNAGE at this years Pwn2Own 2010 security contest.

Peter Vreugdenhil defeated Internet Explorer 8 on the Windows 7 platform despite security features such as ASLR and DEP, while star of Pwn2Own 2009 "Nils" cracked Firefox, also on the Windows 7 platform.

Mac users shouldn't be too smug either, since Charlie Miller managed to circumvent Apple's best defenses to compromise the Safari web browser on the Mac OS X platform.

So far, the only browser to remain standing is Google's Chrome, because none

Note: Details on all the exploits used at Pwn2Own will be shared by contest organiser TippingPoint with the relevant vendors, allowing patches to be developed.

of the hacking contestants chose to target that browser.

The moral of this is simple - if a determined attacker wants to compromise a system, enough bugs exist on both the Windows and Mac platforms (and iPhone) to make this possible.

Sobering thought ...

Topics: Security, Apple, Browser, Hardware, Microsoft, Operating Systems, Software, Windows

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

106 comments
Log in or register to join the discussion
  • "... none of the hacking contestants chose to target that browser" (chrome)

    We can only guess what might be holding them back.

    Anyway, I think I could dare to throw an educated guess as to what it is.
    Great Kahuna
    • no need to guess

      apathy and disinterest.
      rtk
      • Wrong! It's fear of failure that stops them, even panic, I dare to say.

        Cause failure is most likely outcome for all their efforts against software produced by a company that has Open Source at its core, one that knows how to play the security card and leaves obscurity to the care of others, like M$ or Apple.
        Great Kahuna
        • Woah! I was WAY off!

          I was going to pick "lack of Cheetos supply inhibits effective work on two exploits at once." It's a good thing you're telepathic and can read all of their thoughts before they've even discussed why they didn't bother with Chrome this time around.
          WarhavenSC
          • One thing is obvious from your comment

            You are working from the inside. We were trying to suppress the Cheetos supply scandal and here you are advertising it to the world.

            Thanks alot
            Viva la crank dodo
        • Open source security holes...

          The myth that open source software is more secure than proprietary software is refuted by reality.

          As Firefox demonstrates, open source software has plenty of security holes.

          As an added "bonus":

          Unlike IE8, Firefox doesn't support Protected Mode.

          IE8's SmartScreen Filter is superior to Firefox's offering.
          Tom12Tom
          • Firefox running in your machine may be vulnerable, in mine it isn't...

            firefox running in my machines is simply inexpugnable.
            Great Kahuna
          • Dream on Sparky. (nt)

            ...
            ths40
          • It's all in the OS, really. No piece of software is safe when the OS isn't.

            Just run firefox in Ubuntu, then you will see just how safe it is.
            Great Kahuna
          • I'll back you up!!

            I bet not 1 person here can find even the tiniest article showing Linux has ever been hacked!!
            Ron Bergundy
          • AppArmor LSM renders attacks useless. 0-day Exploits less impactful when

            ...Linux users of Internet-facing Apps run profiled by AppArmor Linux Security Module (LSM).

            GPG Keyring-protected 'ring of safety' surrounds all Apps/Blobs/Drivers in the Ubuntu repository system.

            These two Ubuntu Linux 'features' combined ensure that users will enjoy a maximum of safety.

            Any not fully-patched Internet-facing App which is sandboxed by AA simply cannot be exploited.

            So, in that respect, the 'rush' to patch a Zero-Day exploit becomes 'a lesser priority' because any exploit will fail on a AA-profiled system.[1]

            The key difference between Windows and Linux is that all of the security model features of W7 run inside the kernel memory space. AppArmor (or SELinux) runs in its own protected memory space 'external' to the system kernel and is capable of policing both the 'profiled App' and kernel.

            The LSM design is thus superior to Windows 7.
            Exploits are stopped cold in their tracks by AA.

            Linux is being intentionally overlooked but would not get owned by any hacker in this challenge.

            I stake my reputation on it.

            Dietrich T. Schmitz
            GNU/Linux Advocate

            ==================================
            [1] Users/Admins should patch their systems and be fully up to date but AppArmor provides an added layer of 'protection' to mitigate zero-day attacks.
            Dietrich T. Schmitz GNU/Linux Advocate
          • You DO have a reputation around here...that's for sure...

            ...the only problem is, it is a completly BOGUS one.
            ths40
          • My points are irrefutable. Ad hominem attacks reflect badly on you!

            nt
            Dietrich T. Schmitz GNU/Linux Advocate
          • @DTS Irrefutable?

            Only in your own mind blinded by Linux propaganda. ;-)

            iPhone had all its code signed. It failed.

            Both IE8 and Firefox are code signed, too; no additional unsigned apps were installed on the hacked system. Conclusion? Code signing (GPG keyring in your terms) is an important component of security, it may protect against trojans, but it is not a 100% insurance against hacking.

            Similarly, AA does not protect against all escalation of privilege and DOS attacks. Read ubuntu.com/usn or secunia for a long list of Lunux kernel vulnerabilties.

            Finally, it is not enough to protect only Internet-facing apps. All apps that deal with data downloaded from untrusted sources must be profiled, but this, if at all possible, will interfere with app usabiltiy, if they are not designed correctly. And again, it won't protect against vulnerabilties that do not require unusual system calls.
            Earthling2
          • Whatever

            "Linux is being intentionally overlooked but would not get owned by any hacker in this challenge."

            Did any of the hackers or say why Linux wasn't hacked? If not you are making a few very self-serving assumptions.
            bmonster
          • Linux would put them out of business, that's why.

            They all make their livings out of exploiting vulnerable computers, be it legally or otherwise. Linux with its rock solid security features means death to their source of income. The day Linux starts to dominate the market will be the last day for the AV industry.

            Survival is the real reason these guys must play Linux down.
            Great Kahuna
          • Dude...

            Can you please respond with substantive posts. You opinion is not highly valued. Since you couldn't quote anybody related to the pwn2own contest going on record to explain why Linux was overlooked, don't speculate.
            bmonster
          • @Great Kahuna How do you call cheese with thousands of little holes in it?

            Ubuntu 8.04 (previous LTS release):

            Affected By:
            249 Secunia advisories
            811 Vulnerabilities

            http://secunia.com/advisories/product/18611/

            Ubuntu 6.06 (as old as Vista):

            Affected By:
            441 Secunia advisories
            1371 Vulnerabilities

            http://secunia.com/advisories/product/10611/
            Earthling2
          • @Earthling2: Maybe, but those holes are nanoscopic...

            ... there's no way you can pass an exploit through them.

            It's as if they were not there.
            Great Kahuna
          • @Great Kahuna

            I'm sure they seem small to you, but you're not a hacker-guru type are you?
            bmonster