MOBILE USERS: m.isthmus.com
Connect with Isthmus on Twitter · Facebook · Flickr · Newsletters 
Friday, April 25, 2014 |  Madison, WI: 50.0° F  Light Rain Fog/Mist
Collapse Photo Bar

CanSecWest contest: Vista vs. Leopard vs. Ubuntu

Wiis, PlayStations, iPads, blogging platforms, Facebook and anything else worthy of buzz in the digital world.

CanSecWest contest: Vista vs. Leopard vs. Ubuntu

Postby Beer Moon » Fri Mar 28, 2008 9:16 am

Annual competition for $10,000 (plus the laptop you hacked).

Day 1, all three OS's remained unhackable - attacks allowed over a network only.

Day 2, hackers were allowed to have users open emails or visit webpages. Result:

Leopard went down in two minutes flat.
Beer Moon
Forum God/Goddess
 
Posts: 2032
Joined: Mon Jan 17, 2005 7:08 pm

Postby juanton » Fri Mar 28, 2008 10:16 am

I love this comment as it sums up my feelings about this and any similar sort of test:

"Point SIMPLY most hacks accure because of THE USER!!! opeing up emails, clicking on Free advertisments or going to bad web pages! (in our local paper Old people have been turning those email check scams, and Private shopper scams!"

Dude, give up the fight, it's a dumb one. Use what works best for you.
juanton
Forum God/Goddess
 
Posts: 2741
Joined: Mon Jul 21, 2003 3:24 pm

Postby Wet_Pavement » Tue Apr 01, 2008 6:42 am

The story leaves out that Microsoft won't issue a patch for over a year while Apple will address it much more quickly.
Wet_Pavement
Forum God/Goddess
 
Posts: 677
Joined: Thu Nov 23, 2006 6:40 am
Location: Madison

Postby Nick Berigan » Tue Apr 01, 2008 7:32 am

Wet_Pavement wrote:The story leaves out that Microsoft won't issue a patch for over a year while Apple will address it much more quickly.


How do you "patch" the fact that the user opened an email? Do you flash the user's BIOS or something? If someone knows how to do that, I could really use that info.
Nick Berigan
Forum God/Goddess
 
Posts: 591
Joined: Thu Apr 03, 2003 5:12 pm

Postby Wet_Pavement » Tue Apr 01, 2008 8:13 am

The point is that Microsoft consistently waits a long, long, long time to fix security flaws.

And depending on the kind of attack used by the rogue website or the rogue email, yes they can be patched.
Wet_Pavement
Forum God/Goddess
 
Posts: 677
Joined: Thu Nov 23, 2006 6:40 am
Location: Madison

Postby Beer Moon » Tue Apr 01, 2008 5:04 pm

The point is neither OS has zero-day exploits that are easy to take advantage of - both made it to day 2.

Only Linux remained unhacked the entire time, and many said it was not due to the fact that it was impossible, simply that it was easier to get into Leopard and then Windows, compared to the coding required to exploit the Linux vulnerabilities.

Also, Windows is on a monthly patch release schedule - more frequent than some other much-less popular consumer OS company. They also release emergency patches when necessary.
Beer Moon
Forum God/Goddess
 
Posts: 2032
Joined: Mon Jan 17, 2005 7:08 pm


Return to Technology & Video Games

Who is online

Users browsing this forum: No registered users and 1 guest

moviesmusiceats
Select a Movie
Select a Theater


FacebookcommentsViewedForum
  ISTHMUS FLICKR

Promotions Contact us Privacy Policy Jobs Newsletters RSS
Collapse Photo Bar