http://www.theregister.co.uk/2010/03/25/pwn2own_2010_day_one/
IE and Firefox don't do too well either... which isn't a surprise.
IE and Firefox don't do too well either... which isn't a surprise.
Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Safari gets pwned in a five-line Python Script
- Thread starter Stella
- Start date
- Sort by reaction score
Heh. Anyone who can answer this question should get a $15,000 prize
...although your thread title is a little misleading. The bugs were found using the python script, but the script itself didn't actually do anything. Semantics.
That is completely and utterly wrong.
The contest is set up specifically to start that urban myth. 50% of first day was scheduled to Apple products (when Apple doesn't own 50% of browser market). They also allot times for apple first (aka they cannot work on internet explorer or firefox earlier in the day.)
http://obamapacman.com/2010/03/appl...cked-cracked-in-20-seconds-the-whole-story/2/
Oh yay, another blog post to debate over.
There are a number of fair points in the post, however....
Talk about selective journalism. On Pwn2Own's blog post about the 2010 competition, RIM, Android, and Chrome are all listed. The drawing of time slots was random as far as we know; there's a video of it on the site. I suppose you could speculate on how random it actually was, but speculation will happen no matter what. Interestingly they didn't even let the second iPhone slot go ahead; it'd have been an even more explosive headline if it was "iPhone hacked twice in one day!"
No it isn't Every hacker test/contest always had apple's vaunted web browser fail first. I'm not sure how you can disagree with facts but hey I suppose if I drank the kool-aid I'd also disagree with facts.
Bottom line - any software or device is hackable given enough time. That Apple tries to market their products as unhackable is called "deception in advertising".
yet the fair-weather apple bandwagon will still debate the technicalities of who failed first.
bottom-line is - the thing broke. just admit it.
Bottom line - any software or device is hackable given enough time. That Apple tries to market their products as unhackable is called "deception in advertising".
yet the fair-weather apple bandwagon will still debate the technicalities of who failed first.
The issue as I see it, is that apple seems to believe thier own "deception in advertising" just look at how long it took them to add anti-phising technology into safari. Apple is probably the slowest vendor at dealing with security issues. Granted Microsoft has had a lot more practice filling in the security holes, that doesn't take away the fact that they now have a good process for dealing with it.
Apple on the hand, typically takes the head buried in sand approach, unfortunately that means they're playing russian roulette with my data
Damn that sounds bad. Obviously I understand that viruses are bad, but I'd never even know if a website I have visited steals my shiz.
http://www.apple.com/macosx/security/
Where is the deception? Or are you getting ready to make a sandwich with all that baloney?
Not a helluva lot to protect against. If you want to do yourself a real disservice, play with your data on a Windows box, which by the way, was not only compromised at the competition, but also has over 100,000 bits of nastiness for it just waiting to get at your data. Double-whammy.
And that would be marketing. Marketing very rarely is reality.
I recall a Java issue that took Apple months (if not a year) after Sun had already developed a fix. Having a truly closed system is a mixed bag.
Really? Apple doesn't claim OS X to be the most secure OS. Apple doesn't claim anything remotely outlandish. In fact, EVERYTHING on that page is perfectly true and acceptable. Apple even goes so far as to advise users to be extra careful and how to do it.
I don't recall Apple ever saying that Safari was invulnerable, or even that it was more secure than anything else.
Safari was created to fill in a large sucking void caused by the departure of IE for the Mac and before Firefox got ramped up. Safari for Windows was created simply as an ad campaign to get people to try Apple products (other than lackluster iTunes and Quicktime) AND to encourage primarily IE focused web developers to perhaps consider making their junk compliant for Safari without having to say "I'm not going to buy a Mac just for that".
I think some folks confuse the unfortunate claims and allusions created by the advertisement and marketing people, salt it liberally with the claims of the 'kool-aiders', and then claim it as the anti-gospel of Apple itself and look for opportunities to take pot-shots.
Safari was created to fill in a large sucking void caused by the departure of IE for the Mac and before Firefox got ramped up. Safari for Windows was created simply as an ad campaign to get people to try Apple products (other than lackluster iTunes and Quicktime) AND to encourage primarily IE focused web developers to perhaps consider making their junk compliant for Safari without having to say "I'm not going to buy a Mac just for that".
I think some folks confuse the unfortunate claims and allusions created by the advertisement and marketing people, salt it liberally with the claims of the 'kool-aiders', and then claim it as the anti-gospel of Apple itself and look for opportunities to take pot-shots.
There's the rub, because I know that windows has some security issues, I can run software to protect my system and data, but because apple markets OSX as a more secure OS, they lead the consumer into a false sense of security. I would say that my data is safer on windows because I run security software then OSX w/o security software.
Clearly they're advertising how secure the OS is
I wouldn't waste too much energy on this maflynn. As long as there is wiggle room the apologists and fanboys will wiggle.
Bottom line - any software or device is hackable given enough time. That Apple tries to market their products as unhackable is called "deception in advertising".
I don't know about them claiming "unhackable".
Citation?
I've seen and heard them claim OSX as secure, or the most secure
consumer OS .. but don't recall them claiming it as unhackable.
Clearly they're advertising how secure the OS is
Exactly. It is very secure against 99.9999% of malware out there. Which is Windows malware.
Further, note that its built-in defenses *help* keep you safe. Help. Not guarantee. They just help, along with safe practices. It all just *helps.* There are no guarantees, and Apple doesn't make any. OS X is *not* insecure, either. There are security features that come with Unix 9and very good ones), including user prompts, and there is a built-in firewall. No current consumer OS is actually "insecure."
Apple is being completely reasonable with their statements.
When fanboys are right, they're right.
Amen.
They are not saying it is unhackable, merely they are saying it doesn't
get PC viruses. There are no constant sweeps and prompts either.
That ad is 100% accurate and isn't false advertising.
Besides, when is the last time any of you had an OSX "virus"?
Secure?
You're right - there's no discussing anything with LTD when it requires the fact that apple isn't 100% right.
see that's the problem with fanboys. You always think you are right even when you're not.
There used to be more viruses for the classic Mac OS, and that's when Macs had far less market share!
In answer to your query: never. You can surf questionable sites with your firewall disabled and any other OS-level security feature disabled (not counting what comes with your router) and you can be quite confident that you'll never get any sort of OS X malware. And you can also be confident that as long as Windows commands the lion's share of the bulk market (that is, outside the Premium end, since MS to its eternal shame lost control of it) OS X will remain the safest. And by the looks of it, hey, people are calling Windows 7 a good OS. Which means great things for OS X if you espouse the security via obscurity argument. Plus, the $1000+ end of the market can expand, but there is a definite limit, both in terms of that entry-fee, and in terms of Apple not licensing (or rather, not whoring) their OS out to any and all hardware makers. You'll never see enough OS X market share anyway to facilitate even a classic Mac OS level of malware proliferation, much less the veritable sh*tstorm of malware that unfortunate Windows users have to deal with. Again, although Unix has some great security features, I'm letting the security-via-obscurity folks have their day here.
In fact, Apple can make the claim (easily) that OS X is impervious out-of-the-box to most malware that exists today, since the vast majority of it is Windows malware. It would be completely true.
2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010.
Still safe. So tell me, who's wrong again?
Speaking of "fanboys", your big-ass Fedora avatar is showing.
This is the second time I've said this in as many weeks, but... as much *LTD* may say things that I don't agree with, he's not wrong in this one. Nowhere does Apple say that OS X or Safari is "unhackable" and it IS safer than Windows.
He's not wrong on this one.
He's not wrong on this one.