Security Expert Hacks a Mac in Seconds
12:26 am, March 19th, 2009, Lonnie Lazar

Charlie Miller, principal security analyst at Independent Security Evaluators, used a security exploit in Safari 4 to hack into a MacBook in about 10 seconds Wednesday, winning the Pwn2own contest at the CanSecWest security conference for the second year in a row.
The security hole, which Miller said he discovered last year, allows a remote attacker to gain control of a machine by getting the computer user to click on a malicious URL, as Miller demonstrated.
“It’s not easy, but this worked with one click” from the Safari browser, he said.
The contest is sponsored by TippingPoint, which shares details on the exploit with Apple and develops a patch for it. TippingPoint offers $5,000 for each new exploit demonstrated in the major browsers and $10,000 for each successful exploit in the major smartphones.
Miller also discovered an exploit in the mobile version of Safari shortly after the iPhone was launched in 2007. In addition to the $5,000 prize for his efforts Wednesday, he gets to keep the MacBook he used to win the contest.
[CNet]

Wasn’t he a Mac security expert?
Didn’t he prepare before the contest, how other browsers performed in that show?
Is there a browser that is immune to attacks?
Ohh! …
Deocliciano Okssipin Vieira, on March 19th, 2009 at 3:02 am
It’s interesting that this can be considered valid in a Beta browser. But useful as now the exploit will be fixed.
Steve, on March 19th, 2009 at 3:23 am
Is it a hack if it needs user input?
John, on March 19th, 2009 at 10:50 am
“In seconds!” the breathless bloggers all write… then right there in the article it says that he discovered it last year; reading more about the contest reveals that he worked on the exploit weeks ahead of time and put it through weeks of testing. So no, he didn’t hack a Mac in SECONDS, he took weeks to hack it after a year of studying the security hole.
And yeah, the exploit relied on someone clicking a suspicious link in an email. Duh.
ItsGene, on March 19th, 2009 at 12:54 pm