PWN2OWN rules specifically call for a zero-day exploit

Apr 22, 2008 10:31 GMT

Word on the web is that the exploit Charlie Miller used to "pwn and own" Apple's MacBook Air at CanSecWest last month had actually been acknowledged and publicly revealed almost a year before the contest.

NetworkWorld is reporting that security researcher Chris Evans said in an email interview that he found the bug and later publicly disclosed it, in November 2007. Even though the PCRE developers said they were on top of the issue a few months earlier, they had neglected a bug or two, shipping an incomplete fix in the May 2007 PCRE 6.7 release, said Evans.

Safari, the standard web browser found on all of Apple's Macs, uses the PCRE software library. Apple, as most of you should already know, patched its version of the library just last week. Do the math and see how big a head start Charlie Miller had to compromise Apple's Air via its own web browser.

Another email interview with Miller revealed that the bug he'd exploited was the same one that was patched in PCRE 6.7. He claimed, however, that he and his fellow researchers at Independent Security Evaluators had found it "completely independently." Adding insult to injury, in his presentation at the Black Hat security conference in 2007 the hacker argued that one way to find bugs in Mac OS X is to "look for out-of-date open-source software that ships with the Mac and then scan that project's files," according to the aforementioned source.

Miller confirmed that he had "told Apple about this backporting problem then... they didn't listen and I didn't listen either," adding, "because we didn't find the bug by looking at changelogs, we found it with source code analysis."

Everyone knows that in order to nab yourself a prize at PWN2OWN, as a hacker, you need to use "zero-day" flaws/exploits, something that can't be said about Miller's Safari exploit. However, "the fact that Miller exploited a flaw that was unpatched in Apple's products was enough to earn him the prize," conference organizers said, according to the same source.

When asked if he had any plans to return the money, Miller said: "No way. It's not my fault they don't fix their bugs." Isn't this a little bit like being an accessory to murder or something?

Apple representatives are saying they must first research the matter at hand in order to issue a reply.