Charlie Miller was able to compromise Apple’s Mac OS through Safari, again, at Pwn2Own 2010

Mar 26, 2010 13:51 GMT

At this year’s Pwn2Own hacking competition, renowned security researcher Charlie Miller walked off with a new MacBook Pro computer after exposing a vulnerability in the Safari browser on Mac OS X and compromising the system. Miller, of Independent Security Evaluators, voiced great discontent with Apple’s lagging efforts in patching up Mac OS X, saying that he would show the company where it was going wrong.

At the CanSecWest security conference held in Vancouver, BC, the target pairings for day one included Apple’s Safari 4 on Mac OS X Snow Leopard. Using just a few lines of code, Miller created what he called a “dumb fuzzer,” Macworld reports. The tool automatically searches for flaws in software by inserting data to see where the program fails, the report explains. Using this method, the hacker quickly revealed 20 vulnerabilities across multiple Mac OS X applications.

Using one of the flaws he found by “dumb-fuzzing” to exploit Safari on a MacBook Pro, Miller won a $10,000 cash prize, a free trip to the DefCon hacking conference in Las Vegas this summer, and the very Apple laptop he’d just hacked.

However, Miller wasn’t satisfied with just winning a bunch of stuff for his findings. The security researcher actually suggested he was tired of the lack of progress in security, according to Macworld, stating, “We find a bug, they patch it. We find another bug, they patch it. That doesn’t improve the security of the product. True, [the software] gets incrementally better, but they actually need to make big improvements. But I can’t make them do that.”

“People will criticize me and say I’m a bad guy for not handing over [the vulnerabilities], but it actually makes more sense to me to not tell them,” Miller added. “What I can do is tell them how to find these bugs, and do what I did. That might get them to do more fuzzing.” Miller said he was extremely disappointed at how easy it was to find these bugs. “Maybe some will say I’m bragging about finding the bugs, that I can kick ass, but I wasn’t that smart. I did the trivial work and I still found bugs,” he concluded.

Earlier this month, it was reported that Miller had already discovered new vulnerabilities in Apple’s Mac operating system. He reportedly uncovered around 30 critical bugs, 20 of which were (and still are) present in Snow Leopard’s Preview application. Miller then dropped plans to unveil the bugs at the CanSecWest security conference.

At the same hacking contest, Apple’s iPhone was also compromised. As reported yesterday, two hackers lured the smartphone to a rigged Web site through Safari, and exfiltrated the SMS database. The process of gaining access to the SMS database reportedly took Vincenzo Iozzo and Ralf Philipp Weinmann about 20 seconds. Aaron Portnoy, a security researcher at TippingPoint Zero Day Initiative, described the attack as “very impressive,” adding that, “It was a real world exploit against a popular device. They exfiltrated the entire SMS database in about 20 seconds. It was as if a Web page was loading.”