13:19 Cansecwest 2009 the first day | |
| I think that Topic Link enough, and should highlight this event in more detail. Materials on the subject in English here, here and here. The first day of competitions on breaking the typical programming environments, held annually at the conference CanSecWest 2009. Like last year's victory in the competition won Charlie Miller (Charlie Miller), Principal Analyst Independent Security Evaluators, which took just-just open the web browser Safari specially prepared page to get full control of the Mac OS X installed with a complete set of updates. As a reward, Charlie got the 5 thousand dollars and a laptop MacBook. The sad fate is also not spared and other browsers. Internet Explorer 8 has been successfully compromised other party competition under the name Nils. Hacking allowed to gain complete control over the machine with the latest builds Windows 7, well-publicized beating Microsoft protection DEP (Data Execution Prevention) and ASLR (Address Space Layout Randomization). Later Nils showed similar cracking browsers Safari and Firefox. As a reward Nils received the laptop Sony Vaio and 15 thousand dollars (5 thousand for every zero-day exploit). In all cases, the hacking was carried out through a previously unknown vulnerabilities (zero-day). Browsers and operating systems were the latest versions of the imposition of all available patches. Details breaking browsers under the terms of the competition will remain secret until the release of official updates. The only holding off hacking the browser was Google Chrome (yet Nils promised to demonstrate the exploit tomorrow), the browser Opera in the competition was not involved. Note that there is still two days of competitions, which will be held contests on breaking plug-in (flash, java,. Net, quicktime), popular programs, such as Acrobat Reader and mobile phones. Source opennet.ru | |
|
| |
| Total comments: 0 | |