Feeds

Hack-off contestant dubs Apple Safari 'easy pickins'

Pwn2Own's low-hanging fruit

Secure remote control for conventional and virtual desktops

Apple's Safari browser is likely to be compromised multiple times at an annual hacking contest being held later this month because it's "easy pickins as usual," a researcher specializing in Apple security says.

Charlie Miller, the white-hat hacker who successfully felled a MacBook Air at last year's Pwn2Own competition, predicts the Apple browser will be hacked by at least four contestants this time around. That makes it the most vulnerable piece of software at this year's event, according to Miller, who was also among the first to disclose critical iPhone vulnerabilities a few weeks after its release.

Within hours of debut of Safari for Windows in June of 2007, security researchers discovered multiple vulnerabilities that could allow attackers to remotely install malware on the machines of people who used the beta. A co-author of the recently published The Mac Hacker's Handbook, Miller says Safari hasn't made enough progress since then and he cites several reasons why.

For one, the ASLR, or address space layout randomization, protection in Apple's OS X is easily defeated, allowing hackers to overcome a barrier that prevents similar exploits from working on the most recent versions of Windows. What's more, the it-just-works Mac credo increases the number of potential soft spots hackers can target.

"Every feature an application has is another spot a vulnerability may lay," he writes in an email to The Register. "These features are why I like Safari, but, the drawback is it has a large attack surface."

Miller goes on to predict that Google's Android will be successfully pwned by one participant, explaining "Not too tough but no one owns one." Translation: Android's susceptibility to breaches will be slightly offset by its lukewarm reception in the market.

Meanwhile, the iPhone and Symbian devices will survive unscathed thanks to their non-executable heap. Such countermeasures prevent code loaded into a program's heap from executing, making it hard for hackers to exploit the devices maliciously even when software bugs are discovered. Miller also predicts that IE8 and Firefox will also emerge undefeated.

Miller makes no predictions about Google's Chrome, which has also been shown to be susceptible to attack.

This year's event will take place March 18-20 at the CanSecWest security conference in Vancouver. One track will pit hackers against the major browsers, including Safari, Internet Explorer, and Firefox. A second track will test the mettle of major smart phones, including the iPhone, Blackberry, and devices running the Android, Symbian, and Windows Mobile OSes. El Reg will once again provide start-to-finish coverage of the hacking games in all their glory. ®

This article was updated to note that the 2007 debut was for Safari for Windows.

New hybrid storage solutions

More from The Register

next story
Google recommends pronounceable passwords
Super Chrome goes into battle with Mr Mxyzptlk
Infosec geniuses hack a Canon PRINTER and install DOOM
Internet of Stuff securo-cockups strike yet again
Snowden, Dotcom, throw bombs into NZ election campaign
Claim of tapped undersea cable refuted by Kiwi PM as Kim claims extradition plot
Reddit wipes clean leaked celeb nudie pics, tells users to zip it
Now we've had all THAT TRAFFIC, we 'deplore' this theft
Apple Pay is a tidy payday for Apple with 0.15% cut, sources say
Cupertino slurps 15 cents from every $100 purchase
YouTube, Amazon and Yahoo! caught in malvertising mess
Cisco says 'Kyle and Stan' attack is spreading through compromised ad networks
TorrentLocker unpicked: Crypto coding shocker defeats extortionists
Lousy XOR opens door into which victims can shove a foot
prev story

Whitepapers

Secure remote control for conventional and virtual desktops
Balancing user privacy and privileged access, in accordance with compliance frameworks and legislation. Evaluating any potential remote control choice.
Saudi Petroleum chooses Tegile storage solution
A storage solution that addresses company growth and performance for business-critical applications of caseware archive and search along with other key operational systems.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.