MacBook Air Hijacked at CanSecWest Hacker Contest
Using a drive-by browser exploit, hacker Charlie Miller pops Apple's shiny new MacBook Air to claim a $10,000 cash prize.
Miller, a well-known hacker who was among the first to break into the iPhone, hijacked the MacBook Air within minutes of the opening of this year's CanSecWest Pwn2Own hacker challenge.
According to sources at the conference, Miller used an exploit against the Safari browser that ships standard with Mac OS X. Details of the vulnerability and the attack vector are now the property of TippingPoint's ZDI (Zero Day Initiative), the sponsor of the Pwn2Own challenge.
The contest, which pits security researchers against three fully patched computers-VAIO VGN-TZ37CN running Ubuntu 7.10, Fujitsu U810 running Windows Vista Ultimate SP1 and MacBook Air running OSX 10.5.2-began on Mar. 26, but after the first day, there were no attempts to use a remotely exploitable pre-auth vulnerability to claim a $20,000 prize.
On the second day, when the attack surfaces were increased to allow exploitation of default installed client-side applications (following a link through e-mail, vendor-supplied IM client or visiting a malicious Web site), Miller pounced early and claimed the $10,000 prize.
The Windows Vista and Ubuntu (Linux) machines are still standing.
Assuming the laptops are still standing on Mar. 28, day three of the competition, exploitation of popular third-party client applications will be allowed.