Tag: cansecwest
20 zero-day security holes in Mac OS X to be revealed
Charles Miller, a computer security researcher who's worked with the NSA, is planning to reveal 20 zero-day security holes in Mac OS X at CanSecWest, a digital security conference, in Vancouver BC next week. A zero-day security hole is a weakness in software that neither the makers of the software ...
There's a hole in Safari, dear Liza
Update: Thanks as well to everyone who pointed out that we got our sources mixed up! The article linked is the 2007 CanSecWest, and we apologize for the confusion. The winner of the 2009 competition was Charlie Miller (sorry Charlie), and you can read more about this year's competition here -- IE8 ...
MacBook Air knocked out quickly in CanSecWest contest
Once the second-day rules went into effect for the PWN2OWN competition, allowing browser or email exploits to be used, it didn't take more than a few minutes for Charlie Miller, Jake Honoroff and Mark Daniel from ISE to get their 0day vulnerability to work on the target MacBook Air; they walk away ...
CanSecWest offers another Mac hacking challenge
If you fondly remember last year's CanSecWest hacking challenge -- won by researcher Dino Dai Zovi with a Java/QuickTime exploit that allowed him to take over the target MacBook Pro, thereby claiming it as his own -- you'll want to keep your ears open for results of the current challenge, now ...
Gruber interviews CanSecWest winner
Over at Daring Fireball John Gruber interviews Dino Dai Zovi, who won the CanSecWest security contest we mentioned last week by successfully exploiting a MacBook Pro through a flaw in QuickTime's implementation of Java. Dai Zovi explains the sort of thing he did (though obviously without giving ...
More on the CanSecWest exploit and Java
According to Matasano (home base for security researcher Dino Dai Zovi), the announced-but-unreleased web browser exploit that was used to win the CanSecWest MacBook Pro challenge involves browser support for Java. Turn off Java for Safari (or Firefox, or Camino) and your machine is immune. Let's ...
One Mac hack bounty claimed, one to go
No sooner said... the first half of the CanSecWest MacBook Pro hack challenge has been won, with an exploit that uses a malicious webpage to gain a user-level shell via Safari. The second challenge, requiring root access on the target machine, has yet to be won (and requires the use of a different ...
Deals of the Day
more dealsSoftware Updates
more updates- Microsoft Office for Mac 2011 Update 14.3.4
- Pixelmator 2.2 available with over 100 new features and improvements
- DabKick for iPhone lets you share photos, watch videos and now listen to music in real-time
- Google Now added to search app on iPhone, iPad
- GateGuru for iPhone has been updated and greatly improved
- Twitter updates its OS X client
Featured Stories
more stories
Popular Stories
TUAW (or The Unofficial Apple Weblog) is a website devoted to tips, reviews, news, analysis and opinion on everything Apple.