Sorry Mr Jobs, Check PWN 2 OWN results

This week the CanSecWest security conference’s PWN 2 OWN hacking contest has congratulated Charlie Miller that has exploited vulnerability on Apple’s super-slim notebook (to be more accurate on Safari) and was able to hack it in less than 2 minutes.

- Three targets:

• VAIO VGN-TZ37CN running Ubuntu 7.10
• Fujitsu U810 running Vista Ultimate SP1
• MacBook Air running OSX 10.5.2 
  

- One Goal: Hacking! Hacking! Hacking!
TO be serious: The main purpose of this contest is to responsibly unearth new vulnerabilities within these systems so that the affected vendor(s) can address them.

- Prizes:

• $20000 and a laptop (Remote Pre-Auth)
• $10000 and a laptop (Default client-side apps)
• $5000 and a laptop (Third Part apps)
  
  Rules:

• Limit one laptop per contestant.
• You can't use the same vulnerability to claim more than one prize, if it is a cross-platform issue.
• Thirty minute attack slots given to contestants at each box.
• Attack slots will be scheduled at the contest start by the methods selected by the judges.
• Attacks are done via crossover cable. (attacker controls default route)
• RF attacks are done offsite by special arrangement...
• No physical access to the machines.
• Major web browsers (IE, Safari, Konqueror, Firefox), widely used and deployed plugin frameworks (AIR, Silverlight), IM clients (MSN, Adium, Skype, Pigdin, AOL, Yahoo), Mail readers (Outlook, Mail.app, Thunderbird, kmail) are all in scope.

Source: CanSecWest