Apple's Leopard hacked in 30 seconds


Apple's Leopard has been hacked within 30 seconds using a flaw in Safari, with rival OSes Ubuntu and Vista so far remaining impenetrable in the CanSecWest PWN to OWN competition.

Security firm Independent Security Evaluators (ISE) — the same company that discovered the first iPhone bug last year — successfully compromised a fully patched Apple MacBook Air at the CanSecWest competition, winning them US$10,000.

Although the competition recorded the hack taking eight minutes, Charlie Miller, a principal analyst with ISE, told ZDNet.com.au that it took just 30 seconds and was achieved using a previously unknown flaw in Apple's Web browser Safari.

"It might have taken eight minutes to sit down and open the computer, but when the competition started, 30 seconds later it was over," said Miller.

Apple has been notified of the flaw, according to TippingPoint, the intrusion detection company that offers the prize money.

Competitors in the hacking race were allowed to choose either a Sony laptop running Ubuntu 7.10, a Fujitsu laptop running Vista Ultimate SP1 or a MacBook Air running OSX 10.5.2.

"We could have chosen any of those three but had to make a judgment call on which would be the easiest and decided it would be Leopard," Miller said.

"Every time I look for [a flaw in Leopard] I find one. I can't say the same for Linux or Windows. I found the iPhone bug a year ago and that was a Safari bug as well. I've also found other bugs in QuickTime."

When the three decided to enter the competition a few weeks ago, they began looking for a bug and then spent time refining the attack to ensure it worked well on competition day.

The technique used to PWN the MacBook Air was similar to a phishing attack where a victim is sent a link which they click on to visit a site containing malicious code, said Miller.

"Basically you type in something into the Web browser and go to a Web site that is controlled. In real life, you would get a link in an e-mail and if you clicked on it, that would be the same thing," he said.

But hacking Leopard was not meant as an attack on Apple, according to Miller: "I use a MacBook all the time and that's what I used in the contest to attack the MacBook Air. I like Macs. That's the reason I went for it — it's in my best interest for them to be as secure as possible."

Talkback

Lame contest...

What the article does not point out is that in the first 24 hours of the contest, the contestants were supposed to do an attack on the Mac remotely via the network alone.

No one could hack the Mac remotely via the network alone.

The second day, they relaxed the rules and allowed the contestants physical access to the Mac so that they could install an automated user to receive emails or use a browser to go to a malicious website set up by the contestant.

Duh.

It took more than 24 hours to hack the Mac. It takes days to program an automated user or develop and program a malicious website. They had to do the work even before the contest.

And it took physical access to the computer to hack it. They could not hack it over the network at all!

Thus the contest is a crock.

I doubt any user will allow a crook or stranger physical access to their personal computer. Once a person has physical access to a computer then any computer can be hacked. Through the firewire ports, any Windows computer is instantly compromised, for example.

Anonymous, March 30th, 2008

Lame response

They didn't have physical access to the Mac at all; the second day rules were that the user of the Mac went to the attacker's website. Nothing more. It's the same kind of thing you might do with your next click...

Anonymous, March 31st, 2008

Lame Apple software

"any Windows computer is instantly compromised" ... but only if running the unpatched QuickTime app ... an app from Apple itself (Duh, can't blame others this time). As for remote access http://docs.info.apple.com/article.html?artnum=305445 - ironically caused by a security patch itself - double doh.

Anonymous, March 31st, 2008

lame you guys

why don't you guys want to admit a flaw in Apple?? Windows used to suck a couple of years ago, but it's getting better and better at security. I'm using Windows right now and planning to move to Apple within a couple of years (saving money). But I don't like stupid people that think Apple's perfect. Nothing's perfect, you morons.

Anonymous, April 3rd, 2008

Lame for sure

User intervention, argh! That's not hacking at all; get back to the good old days of the Unix shell and really killing a server!!!!
It's the dope pushing the keys on the other end that compromises the machine, Windows or Mac, not the OS.

Anonymous, April 3rd, 2008

Truth

So was there or was there not physical access?....

Can we get the simple truth?

Anonymous, April 11th, 2008

who cares

who really cares...

Anonymous, June 19th, 2008

Obviously people do

Duh! You're looking at a page full of people who care... are you lost?

Anonymous is silly, August 25th, 2008
