
Thursday, 25 March 2010

64-bit 7ista Twice Hacked via both IE 8 and Firefox 3! The End Is Nigh!


I should also mention that both Mac OS X 10.6 Snow Leopard and the iPhone got hacked via Safari. Just doing a little back-at-you priority swapping. These days it is a BIG DEAL when Mac OS X gets hacked because of its reputation as the safest GUI OS on the planet. Hacking Windows is ho hum because it happens every day.

Here are some links to somewhat detailed articles about the Day 1 results from the Pwn2Own contest at CanSecWest 2010 in Vancouver, Canada:

TippingPoint blog.
CNet.
MacWorld.

The contest still has two more days of hacking to go. But here is the current list of winners from Day 1:
PWNED! Vincenzo Iozzo and Ralf Philipp Weinmann - iPhone
PWNED! Charlie Miller - Safari [on Mac OS X 10.6]
Nils - Safari (Prize Claimed) [on Mac OS X 10.6]
PWNED! Peter Vreugdenhil - Internet Explorer 8 [on 7ista]
MemACCT - Internet Explorer 8 (Prize Claimed) [on 7ista]
Anonymous - Nokia
Anonymous - iPhone (Prize already won)
PWNED! Nils - Firefox [on 7ista]
Congratulations to all the hackers and thank you for making it clear that Internet surfing can be dangerous no matter the operating system or web browser. Details of each zero day hack are not published until they have been addressed by the companies or groups in charge of affected programs and operating systems. When the Mac OS X hacks have been published, I'll report them and provide links here.

I'll also post more from CanSecWest as it progresses. Dr. Charlie Miller will be presenting his 20 Mac OS X 10.6 Snow Leopard hacks.

The successful hacking of Windows 7ista is of particular interest because it involved bypassing the much lauded ASLR (Address Space Layout Randomization) and DEP (Data Execution Prevention) built into 7ista. So much for those security technologies!

In each hack the victim computers were directed to websites containing exploit code. I'm going to hazard a wild guess that the sites used code written at least in part in the catastrophic mess known as ECMAScript, aka JavaScript/JScript. Readers of this blog will already know my low opinion of this scripting language and my desire that it be banished from the Internet forever. Listeners to the SecurityNow Podcast know that Steve Gibson of Gibson Research Corporation (GRC) called out ECMAScript as dangerous years ago. He recommends surfing the net with scripting turned OFF in all web browsers by default, only turning it on at trusted websites.

Java exploits are also well known at this time, indicating the need to also turn off Java while surfing the net, except again at trusted websites. What a shame.

(Note that JavaScript and Java have nothing whatsoever to do with each other apart from a similar name caused by a marketing moron deal between Netscape and Sun Microsystems, both companies now defunct).

Wednesday, 17 February 2010

Snow Leopard Security vs 7ista Security: What debate?

--
My attention was drawn today to a blog entry over at MacDailyNews that summarized an article comparing Snow Leopard security to 7ista (aka Windows 7) security. I was hoping for something rip roaring and insightful. Instead I found the source article to be essentially worthless and trivial. Ho hum.

HERE is the source article, entitled "Windows 7 vs. Snow Leopard: Which is More Secure?", published at the Datamation site.

Below is my critique of the article, as posted today at MacDailyNews:
If author Kevin van Wyk had extensive experience with computer security, this article might have been of interest. Unfortunately, the article is incomplete, contains some significant errors and entirely skipped obvious security concerns:

1) He sez: "Neither operating system includes anti-virus protection by default."

Bullshite. 10.6 has a malware detection system running by default with signatures for some Trojans. However, it is fair to say that this is an extremely limited and immature anti-malware system. Hopefully Apple will pursue it further in the future. Mac OS X Server has incorporated ClamAV for many years. It would be good to see it moved into the client version as well. However, it must be noted that getting Mac OS X malware signatures incorporated into ClamAV is extremely difficult, partly due to the anti-Mac culture over at the project site. Thankfully, the author of ClamXav for Mac has made some headway in this respect.

2) He sez: "Neither system is immune to viruses, and we certainly have plenty of examples of this fact."

Bullshite. There never have been ANY viruses for Mac OS X, period. There are, however, Trojan horse malware for Mac OS X, all of which require LUSER behavior in order to be installed. Most likely Mr. van Wyk simply does not know proper malware terminology. BTW: There are currently 21 known Trojans for Mac OS X compared to 100s of thousands of various malware for Windows.

3) He entirely skipped the security history of both operating systems. Windows 7 has been cracked from out in the wild several times at this point. Mac OS X has never been cracked from out in the wild without user assisted sabotage. Plus there is the fact that Windows in general has over 10,000x more malware of all varieties than Mac OS X. (That simple fact blows the 'security via obscurity' myth to hell. It also indicates that Mac OS X is by nature profoundly more secure than any Windows system).

4) The article ends on a pointlessly wimpy note: "I remain a firm believer that I'm safer on Snow Leopard than I would be on Windows 7."

No one has to 'believe' Mac OS X is the safer. The facts prove Mac OS X is vastly safer than Windows 7.

5) He completely left out security dangers caused by non-system software. On Apple's side this includes Safari and most of all QuickTime. On the Windows side this includes Internet Explorer, well known to be the single worst web browser on the market, as well as ActiveX and JScript, both of which are wide open security holes begging for hackers and crackers to enter any Windows machine. Microsoft also deliberately provide only an archaic and hobbled version of Java as a retaliation against their losing their J++ abomination lawsuit from Sun Microsystems. Whereas, Apple provide a much more up-to-date and secure version of Java.

6) He left out the fact that Windows 7 does have superior memory address protection (Address Space Layout Randomization, ASLR) over Mac OS X 10.6, which helps fend off some buffer overrun system pwning. Hopefully Apple will take memory address protection more seriously in 10.7.
--

Saturday, 29 August 2009

The Anti-Mac Security FUD-Fest Is Fun For All! Rah! Rah! Rah!

--
Man, I am getting a lot of traction out of that moronic article at CNET, not worth reading HERE. For me, it really is fascinating to sit down and contemplate what is actually going on in computer security right now. Here are some of the elements:

I) 7ista, aka Vista Service Pack 7, is now inciting cacophonous riots of anger because its security is still terrible. A net acquaintance posted these URLs over at MacDailyNews:

Cybercrime Rises and Vista 7 is Already Open to Hijackers

Vista 7: Broken Apart Before Arrival

Department of Homeland Security "Poisoned" by Microsoft; Vista 7 is Open to Hijackers Again

Researchers show how to take control of Windows 7

That last article is about how to 'PWN' 7ista. Not good. Google provides a few hundred thousand similar complaints.

II) Meanwhile, the Anti-Mac Security FUD-Fest continues apace, thanks to our usual line-up of hacker pals. Mac OS X is already the best GUI OS for computer security, in part thanks to integrating the two best CLI OSes, OpenBSD and FreeBSD. The result: Mac OS X progresses forward to become BETTER than the BEST! That's good. Thank you Dr. Charlie Miller and friends.

III) So of course we get dumbass articles about how nasty bad and laughable Mac OS X security is, right? (o_0)

It's a strategy with many purposes, perpetrated by many sources. Figuring out the motivations behind the deceit is quite intriguing. Laughing at it all is fun! It lowers your blood pressure. Live longer and laugh at the clowns.


Here is yet-another post I made, this time at MacDailyNews.com, regarding the FUD-Fest and Microsoft. It sort of encapsulates it all:
Microsoft have put in place some modern methods of deterring hackers and crackers. They had to. They had the motivation. Their operating system is a bloated catastrophe of spaghetti code that is well beyond their comprehension. They can't fix it. They've made many attempts over the last 15 years and consistently failed. They gave up. Vista is the proof. 7ista is icing on the proof.

Should Apple add in these modern security measures? Damned right!

But is it a BFD? Will Mac OS X roll over and DIE? Will THE BIG ONE virus hit Mac OS X and make us all go running home sobbing to mummy? Of course not!

Apple's attention to security has been increasing exponentially over the last two years. This month's security updates were the most in Apple's history. But as is typical with humans, the house has to be on fire before you pour water on it and fix the cause. Mac OS X does not have a faulty electrical system that will burn the house down. Apple know that. We know that. So what's the motivation? Planning ahead takes extra prodding. Prod Apple and they respond eventually.

This is one reason I actually praise the Anti-Mac FUD-fest we've enjoyed since Symantec incited it exactly four years ago. It has hurt no one. It has inspired Apple. We benefitted.

We the customers know we already had an incredibly secure operating system. It's based on the two most secure operating systems in existence bar none: OpenBSD and FreeBSD. So why not make it EVEN BETTER?!

Let's go MaNIaCaL!
Go Apple Go!
Add steel bar reinforcement to the castle walls!
Add boiling oil caldrons!
Put alligators in the moat!
Install the rotating knives!
Hire some Cenobites!

Conclusion: We win any which way you look at it. If users of the less secure operating systems can't deal with it, oh so sad for them.

As long as we keep our eye on the ball, which is keeping our computers as safe as possible, our progress toward better than best will continue. :-)
Rah! Rah! Rah!
Go! Apple! Go!
Yayyyyyyy APPLE!

Amusing, eh? Behind all the 'FEEL BAD DAMMIT!' garbage is not just a silver lining. The clouds are bogus, a theatre prop. Knock them over and there is the golden sun shining on all us Mac users.


OK, sober up! Enough euphoria! We have 21 Trojans to avoid. There continue to be security flaws in Apple stuff that deserve our attention. ClamAV still needs to further catch up with Mac malware. Mac OS X is not perfect, never will be. Be attentive.

For my next article I intend (for whatever that's worth) to provide another monthly summary of Mac OS X security patches. Bring your caffeine.

:-Derek
~~~~~~

BONUS EUPHORIA: SNOW LEOPARD

If you haven't read the news, check this out:

Snow Leopard has built-in Trojan horse MALWARE DETECTION! Its database is auto-updating! Right now it only has two Trojan signatures, yawn. But expect improvement. And no, Apple didn't stick in someone else's anti-malware engine, least of all Symantec's (gag! gag! puke!! puke!!).

Snow Leopard installs just fine over TIGER! I thought this had to be bogus, but I've read it from several sources now and they weren't just quoting each other. It's a fact that even Apple verified. So if you don't have Leopard already, get the $29 (or $24 at some stores!) Snow Leopard disk and go to it! Well, when you're ready. There are some application incompatibilities.

Snow Leopard is FAST! That's faster than Leopard! Bless you Apple.

Snow Leopard is SMALLER! Saving at least 5 Gigabytes of space on your Mac appears to be normal. Ever heard of that? Try that move Microsoft.

-> But of course note that Snow Leopard is for INTEL MACS ONLY.

More on Snow Leopard in a couple weeks once I've ripped it apart, with my CLAWS.
--
