Back to Mobile View

Skip to Content

One Mac hack bounty claimed, one to go

No sooner said... the first half of the CanSecWest MacBook Pro hack challenge has been won, with an exploit that uses a malicious webpage to gain a user-level shell via Safari. The second challenge, requiring root access on the target machine, has yet to be won (and requires the use of a different exploit). As far as we know right now, this is a zero-day exploit without a known patch. (Grrr.)

It's worth mentioning the elephant in the room for this contest: where was the $10,000 bounty for a similar takeover of a Windows XP or Vista stock patched configuration? It wouldn't have taken a day, that much is certain.

More news as it comes... thanks to our vigilant commenters for the link.

graphic: Sebastiaan de With

[via Matasano]

© 2014 AOL Inc. All Rights Reserved.