Mac hack winner says Windows still riskier
The man who won a security contest by hacking a Macbook in just seconds says Macs are still safer to run than Windows PCs. Charlie Miller says its down to the difference between theoretical security and real world safety.
Miller won the PWN2OWN contest at the CanSecWest security conference last week for the second year running. Contestants can choose from a range of computers with varying browsers and operating systems, all patched with the latest security updates. They are allowed to simulate a web-based attack by asking a judge to visit an infected Web site. In taking the crown for the second time, Miller cut his hacking time from two minutes to ten seconds.
The full details of the winning hacks are kept quiet for obvious reasons (though the relevant manufacturers are informed). But Miller has now spoken about his victory to the Tom’s Hardware site.
The first thing he pointed out is that it takes a lot more than 10 seconds to hack a machine: that’s simply the time it takes to demonstrate the technique, which may have taken many days to research and prepare.
Miller also says that he believes Macs are inherently less secure than PCs because they don’t have as many built-in protections against hackers. However, he believes running a Mac is safer. That seemingly contradictory argument is based on the simple fact that hackers are more interested in PCs because there’s a much bigger target audience to attack with any successful exploit. He even revealed that he doesn’t run any security software on his own Macs (which sounds like a less reputable hacking challenge waiting to happen).
In a separate interview, Miller estimated that anyone developing a way to exploit a vulnerability in Windows could likely raise at least $50,000 by selling the details.
Related Posts:
March 27th, 2009
Guess I should start writing hacks a retire!