Re: CanSecWest hacking contest UPDATE (How did your OS fair?)

Only two minutes for $10,000. Nice...

Re: CanSecWest hacking contest UPDATE (How did your OS fair?)

I hope this forces Apple to reconsider their stance on having a Chief Security Officer, and having a security team that looks into vulnerabilities and fixes them.

It is very much unacceptable that open source software that has been patched for months/even years now is vulnerable since Apple has not released a new update to their OS.

I am not surprised at all that the Mac was a prime target and that once one is allowed to couch a user through to clicking a link that it was owned. There have been many flaws in Safari over the past few weeks, and several of those had not been fixed by Apple, even-though they were freely available on the net weeks before their 10.5.2 update was released. Security of the Unix user model only goes as far as the software interacting with it. In this case Safari.

Re: CanSecWest hacking contest UPDATE (How did your OS fair?)

Don't forget the two days before the contest it took for the dude to code up the web page. I bet if the linux machine was the new top of the line Alienware laptop it would have been the first. You notice they went in order of value? Besides, who uses Safari?? I only use it on my phone...

Re: CanSecWest hacking contest UPDATE (How did your OS fair?)

Well of course, anyone in this sort of contest who intends to win is going to do their fair share of preparation.

As for how many people use Safari, here are the October 2007 estimates on browser market share:
Current estimates place ~1.3 billion of the world's 6+ billion people connected to the Internet in some way. This means an estimated 60+ million people may be using Safari. I'd say that's enough!

Re: CanSecWest hacking contest UPDATE (How did your OS fair?)


I'd say that's far too many.

Re: CanSecWest hacking contest UPDATE (How did your OS fair?)

same thing here, i just used safari on my phone. But still, I considered myself a user. And the hacking contest, that is cool.. 10,000 in just 2 minutes? awesome.

Re: CanSecWest hacking contest UPDATE (How did your OS fair?)

I don't understand why people knock Safari so much. WebKit is an awesome engine, and has shown that it is the easiest to hack in new support for standards (and with hack I mean code up a very clean awesome solution), and provide an engine that is capable of easily being ported. Safari is a clean lean browser.

On Mac OS X it is one of the better browsers, there is nothing that can really compare to it. FireFox is definitely not an option. Camino is a pretty valid substitute, but it just does not feel like it is part of the OS.

Safari by any other name would be Epiphany, Konqueror and, and several others that have popped up since WebKit has been open-sourced and ported to mobile platforms, QT4 and GTK.

Re: CanSecWest hacking contest UPDATE (How did your OS fair?)

I agree totally. But even if its off by 50% or even 75%, it's still in the tens of millions.

Re: CanSecWest hacking contest UPDATE (How did your OS fair?)

You misunderstand. If one person is using Safari that means one person is using OS X...and that my good man is one too many.

Re: CanSecWest hacking contest UPDATE (How did your OS fair?)

I guess it shouldn't be surprising that I had actually considered that this is what you meant.

Re: CanSecWest hacking contest UPDATE (How did your OS fair?)

Eh, guess I am one too many. Safari also exists on Windows, do you have the same mindset with regards to Windows?

Re: CanSecWest hacking contest UPDATE (How did your OS fair?)

I see you're still pissed at Apple.


I've not had problems with Firefox. Of all the Mac users I know (quite a lot) maybe two or three use Safari. Most use Firefox.

Re: CanSecWest hacking contest UPDATE (How did your OS fair?)

see... i think that what Chris (and, in fact, what I) experience with Apple is not what others experience.

Most people who allegedly "hate" Apple do so for one of two reasons...

However, what Chris, I, and others have experienced with this company leaves a black burn mark on our very soul somewhere. His was a tale of frustration, fury, and ultimately supreme fucktard-ism on the part of a company that absolutely couldn't get their shit together at all. My hatred comes from overall business models dedicated to intentionally-different, proprietary technology (particularly as far as codecs, multimedia platforms, and personal tech devices are concerned) that do nothing but shove DRM down people's throats while making them pay 3x as much as they should for the privilege.

All in all... i'd say the dividing line between people who truly "hate" Apple and those who are just slightly pissed is "how will you behave when the next over-hyped Apple gadget comes out?"

Everyone who is in category one and two above will drool and get in line over the next iPod or MacBook Air or whatever. People like Roamer and I will roll our eyes and walk the other way.

btw... obligatory reference...

Re: CanSecWest hacking contest UPDATE (How did your OS fair?)

Deviant is correct about my experience with apple and the reasons behind why I despise them as a company and refuse to support them financially.


What NEVER ceases to amaze me though is what I consider to be a VERY hypocritical mindset within this community (lest this be misconstrued due to the odd pseudo quoting in my reply, this is in NO WAY directed at Deviant, who is anything but a hypocrite). People can't stop bitching about how important their privacy is to them, but can't sign up for gmail fast enough because they love the storage. People can't stop complaining about Microsoft or Verizon's horrible business practices but get whiplash turning their head from WORSE practices by Crapple because the hardware is sexy.

I am not naive enough to think that every company that I have purchased products or services would never deceive the consumer or hide a shady business practice. I CAN say that when/if I find out about it I am not willing to just look the other way because it is convenient or trendy.