Mac OS X Security – Reality Check #2

First, let me express a caveat.  I don’t really care for “hack the box” contests.  If a machine doesn’t get hacked, it does not mean it isn’t breakable.  If it does get hacked, it just shows us what we already know – any machine can be broken under the right circumstances. 

So, don’t read too much into the PWN 2 OWN results.  I don’t.

Okay, having said that, given how obnoxious and misleading I find those Mac OS X ads and how they’ve spent millions of dollars publicly criticizing Windows Vista security improvements, I find it ironic and apropos that Mac OS X was the first machine to be owned in the PWN 2 OWN contest at CanSecWest today.

Read about it in LinuxWorld at: Gone in 2 minutes: Mac gets hacked first in contest.

Summary:  Charlie Miller appears to have set up a web site containing malicious code and used a “browse to own” vulnerability to win the contest.

About the Author
Jeff Jones

Principal Cybersecurity Strategist

Jeff Jones a 27-year security industry professional that has spent the last decade at Microsoft working with enterprise CSOs and Microsoft's internal teams to drive practical and measurable security improvements into Microsoft products and services. Additionally, Jeff analyzes vulnerability trends Read more »