Scripps Employees Called 'Hackers' For Exposing Massive Security Flaw
Suspected PayPal Hackers Seek Deal To Stay Out Of Prison
MacBook Air Hacked In Under Two Minutes
If there's one thing Apple users love to taunt Windows users about, it's security. Mac owners giddily flaunt their lack of virus scanners and lack of worries in front of their PC comrades, whose machines look comparatively bloated with virus scanners, firewalls, and daily patch updates to fix the exploit du jour. Bad news for those Mac users, then, as a recent hacking competition showed that the new MacBook Air is able to be completely compromised in under two minutes.
The hacker in question, Charlie Miller, achieved this feat as part of a hacking competition called PWN 2 OWN. Miller hosted a malicious Web page privately, accessed it from the MacBook Air, and then, within two minutes, was able to take full control of the machine remotely and make it do his bidding.The culprit here is apparently an undiscovered flaw in the Mac Web browser Safari, which has shown to be somewhat lacking in the security department on both the iPhone and on Windows.
Charlie won $10,000 for his troubles, and he got to keep the laptop, but as part of the deal, he was also required to keep secret about the details of exploit, so hopefully there's little chance of it getting into the wild and taking over Macs around the world.
Still, we'd recommend steering clear of Safari -- and perhaps not being so smug.
From Engadget
Related Links:
- iPhone's Web Browser Vulnerable to Hacker Attacks
- Safari for Windows Contains Trojan Horse
- PayPal to Customers - Don't Use Safari
LOOK: Bank Vault Saves 22 Lives During Tornado
Live from Microsoft's New Generation Xbox event!
Demi Looks FANTASTIC In A Bikini
Xbox Reveal liveblog on Joystiq
Dozens Killed in Oklahoma Tornado; Death Toll to Rise
PHOTO: Dog Guards Dead Victim's Body After Oklahoma Tornado Disaster
Xbox One architecture panel liveblog!
H&M's Plus-Size Model Jennie Runk Says She Chose To Gain Weight
Brave Woman Stood Down Armed London Attackers
Okla. Sheriff's Deputy Finds Dog Guarding Body Buried Under Destroyed Home
Man Reportedly Beheaded In Brutal Assault In London Neighborhood
South American 'Crazy' Ants Are a Threat in Southern US
Selena Gomez Leaving Justin Bieber's House: Booty Call Rumors Swirl
Surgeon's Remove Giant Hairball From Tiger
Okla. School Survivor: Teacher 'Saved Our Lives'
Mother Dies With Infant During Oklahoma Tornado
U.S. Acknowledges Four American Citizens Killed In Drone Strikes
Mum-Of-Two Faces Down Woolwich Attack Suspects
Wolf Blitzer's Embarrassing Moment With Tornado Survivor
PHOTOS: Christie Brinkley Gets Back Into A Swimsuit At 59 Years Old
Help For Heroes Killing
The World's Most Powerful Women
Singer Sues McDonald's, Claims Chicken Sandwich Incident Ruined Her Voice
PHOTOS: Tornado Aftermath Leaves Trail Of Destruction
NY Times Eviscerates Obama White House
Who Won 'DWTS'?
White Father Allegedly Suspected Of Kidnapping Biracial Daughters
Tornadoes Strike Oklahoma
WATCH: Tornado Victim Finds Dog During CBS Interview
PHOTOS: This Is The Best Response To Abercrombie CEO Mike Jeffries We've Seen Yet
Tara Ellison: Why I Gave A Toast At My Ex-Husband's Wedding
Comments
9
Subscribe to commentsShieldzeeMar 28th 2008 10:57AM
Um, let's see - 40,000 identified viruses for Windows, zero viruses on Macs, and a very smart security guy socially engineers someone to click on a malicious link to gain control of a machine? As a Mac user, I will continue to use Safari and I will remain smug.
Common SenseMar 28th 2008 11:15AM
Let's see...the only security here is "obscurity". If you are going to hack, you will target the strongest. I'm a windows user out of common sense. More functions/apps/etc. Macs are for people that just want to be different for the sake of being different;. Get outside once in a while.
JackMar 28th 2008 11:24AM
Well my smug days are over.
I will never again allow hackers who have direct access to my computer to navigate to any sites that I am not familiar with.
Other than that I still feel pretty secure.
Jack
TchalvakMar 29th 2008 5:56PM
The normal actions of predators imply the you -do- attack the weakest of the herd, not the strongest, to get the most meat. By the implication of the distribution of viruses, that is Windows security.
Similar logic can be applied to Safari; Charlie Miller chose it for that weakness, as the other safari security flaw references imply, and webcode that can take advantage of that weakness can be spread around. If you think you're secure because you're not going to "navigate to sites I'm not familiar with" you've got a sadly naive view of internet security.
I think that it takes a loss of security to truly see the merit of using a rock-solidly secure OS and a rock-solidly secure browser. At very least avoid Windows and Internet Explorer, above all else.
Linda WMar 28th 2008 2:04PM
The fact that you have to visit a outside link is all that it takes for most non-tech savvy windows users too.
This wasn't a test to see if hackers could break in, -- that was on day 1. Day 2 was seeing if a local user could easily break security with only the system's pre-installed tools. It was a test for what could happen to a "naive" user with standard, included software. The fact that Vista wasn't also a hacked may lie in its current market penetration and ease of use by a 'naive' user than in its security.
babycakesMar 30th 2008 6:10AM
My son put Firefox on my Mac :) No Safari worries!!!
Armand BMar 31st 2008 7:10PM
It is what it is. Macs are for the most part virus proof for now but who would want to hack only 10% of the market anyway. A Dell computer is still faster than a Mac even when it's bogged down with virus software. and don't even get me started on all of the tons of software you can use on a pc. Macintosh users work in such a small world. I have to wait 3 hours for the FAST G5s here at work to print a file that my bogged down pc will print in 3 min. do the math. Macs are for women and gay men anyway. (not that there's anything wrong with that)
Brandon BMar 31st 2008 10:09PM
Anything can be hacked, and just because hackers haven't focused much on macs doesn't mean they're any more secure. I agree with Armand Macs are for girls and gay men (not that ther is anything wrong with that), most of the world runs on PCs and why would a hacker attack someone's little pictures or videos when they could attack a company and steal all their personel files.
Therefore, the security of Macs is based on entirely on their unpopularity.
Besides any gamer can tell you that PCs are faster, more customizable, and generally better. :P
Crl WilliamsApr 16th 2008 2:25PM
I must be a girl or gay, or maybe even both, 'cos I use a MacBook. Nothing wrong with that.
I get around the Safari security issues with a combination of Firefox and Linux.
There are technically worse security holes, but browser vulnerabilities score a good hit rate for "hackers" 'cos everyone uses a browser and most are a bit careless. Some people even use Internet Explorer! Couple that with a great fondness among the immature male WinGaming market for porn sites and it must be like fish in a barrel.