CanSecWest: pwn2own Wrap Up (Adobe Flash Causes Vista Laptop Pwnage)

Apple’s Leopard lasts ’30 seconds’ in hack contest:

“It might have taken eight minutes to sit down and open the computer but, when the competition started, 30 seconds later, it was over,” said Miller….Competitors in the hacking race were allowed to choose either a Sony laptop running Ubuntu 7.10, a Fujitsu laptop running Vista Ultimate SP1 or a MacBook Air running OS X 10.5.2.

“We could have chosen any of those three but had to make a judgement call on which would be the easiest and decided it would be Leopard,” Miller said.

Miller further elaborated, “I use a MacBook all the time and that’s what I used in the contest to attack the MacBook Air. I like Macs. That’s the reason I went for it; it’s in my best interest for them to be as secure as possible.”

Meanwhile, the Fujitsu with Vista (and Vista’s SP1) remained unscathed until late in the day yesterday when Adobe Flash was installed. Shane Macauly, who with the collaboration of Dino Dai Zovi pwned the Mac in last year’s pwn2own, used a new Flash 0day exploit to claim the Fujitsu and $5000.

Readers of my blog know I’m a proponent of flashblock and other extensions for Firefox (and Seamonkey) that help users whitelist trusted sites. Flash has proven susceptible to malevolence too many times to be allowed to run promiscuously, if at all. FWIW, I only use flash temporarily — install it, use it, remove it; so I use it only as needed — for dealing with youtube content.

Advertisements

2 Responses to “CanSecWest: pwn2own Wrap Up (Adobe Flash Causes Vista Laptop Pwnage)”

  1. Hardware IT Blog » Blog Archive » CanSecWest: pwn2own Wrap Up (Adobe Flash Causes Vista Laptop Pwnage) Says:

    […] Jurjen de Groot: […]

  2. Najlepsze Programy, Recenzje, Informacje. » Blog Archive » CanSecWest: pwn2own Wrap Up (Adobe Flash Causes Vista Laptop Pwnage) Says:

    […] Original post by lucky […]

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s


%d bloggers like this: