Few weeks back I read this article about the CanSecWest hacking contest and I said …pfff… hmmm… why we don’t have these contests in India…?[Microsoft Security Shootout was a nice try in 2006 though…] anywayz, and recently in one of my RSS feed, I got this news, that MacBook Air[Poor thing…was on…solid diet.. I guess..maybe just Air…:D] got hijacked in less than two minutes at the CanSecWest contest by security researcher Charlie Miller [a well-known hacker who was among the first to break into the iPhone]. The other two contenders[The Hardware.. I am talking about here] were VAIO VGN-TZ37CN running Ubuntu 7.10 and a Fujitsu U810 running Windows Vista Ultimate SP1[Hmmm… now I guess.. I know why there was the delay in releasing the SP1] are standing still so far…let’s see what happens to them.
For the tech-freaks, the first day of the contest saw contestants trying really hard to break into the laptops over the network; looking for a loophole in the OS itself, and nobody could do it. So on the second day, according to the contest rules, contestants directed organizers to specially crafted Web pages[With not-so-sweet surprise hidden in them :)]. Miller was real quick, in less than 2 minutes, he could get into the MacBook by directing the user to his web page containing magic beans[:P]. And yes.. MacBook did spill the beans..but you know… what? Safari is said to be the culprit here.. and now I understand why Mozilla CEO’s rear end was not too happy about Apple Pushing Safari to the end users with iTunes. Check his semi-regular stream of unconsciousness[Dude…get a name…:P]..here..Oh..he was worried about the end user’s security and blah .. blah.. blah..I would suggest all the Dirty Brown Fox Lovers to go and check http://www.mozilla.org/projects/security/known-vulnerabilities.html#Firefox.