Security whiz spells Safari’s doom in upcoming hacking contest

Chicago (IL) – When
Apple took Safari into the Windows world, it also exposed the browser
to the scrutiny of unforgiving security experts whose personal pleasure it is to hack into browsers, even holding contests to discover who can find/exploit their many security holes the fastest. While this ultimately helps companies improve their products making them more secure, the hackers also pocket thousands of dollars
in rewards in the process. Apple has already been embarrassed by Safari when a
well-known security expert exploited it to break into MacBook Air
within minutes
. That same expert now claims he will break into the
latest Safari 4 Beta version in the third annual hacking contest
(coming up in less than two weeks).


If you’re into computer and browser
security, then the name Charlie Miller surely rings a bell. To others, this is
the man that you’d want as your interlocutor if you wanted to learn about
the latest security holes in your browser, computer or even your phone.

Charlie Miller rubbed Apple’s nose in the dirt by exploiting a Safari
hole to break into MacBook Air
in just two minutes during a high-profile hacking contest in Vancouver,
winning him a cool $10,000. He did it by tricking the judges to visit a website where he already had the hack setup, ready and waiting to exploit. Yes, that’s the Charlie Miller I’m talking about. He was also the
first to pinpoint a vulnerability in the WebKit-based browser that comes preloaded on T-Mobile’s G1 Android, urging users not to use Android browser
at all. Miller also got our attention when he discovered a
security-related weakness in mobile Safari shortly after the iPhone
launched.

Today, Miller is once again making the
headlines with claims that recently posted Safari 4 Beta on the Mac
will be the first browser to fail at this year’s Pwn2Own contest. Speaking to Computerworld, Miller labeled Safari as “the easiest browser [to hack].” Similar to aforementioned hacking contest held in Vancouver last year, Pwn2Own
will challenge the world’s brightest hackers to break into Internet
Explorer 8, Firefox and Chrome, all running under Windows 7 on a Sony Vaio P machine.

Contestants
will be also invited to break into Safari and Firefox running under OS
X Leopard on MacBook Air. Whoever wins gets to walk home with $5,000 in
the pocket for each pwned browser. There is also a $10,000
incentive for hacking into five major mobile platforms: Android,
Windows Mobile, Symbian, iPhone OS and BlackBerry OS. Pwn2Own is scheduled to run at the CanSecWest security conference on March 16-20 in Vancouver, British Columbia.

It
is with great interest and anticipation that we look forward to
this contest to learn just how secure our next-generation browsers and
operating systems are. Miller has argued that Safari’s security-related
weaknesses stem from a complex code that handles many features and
multimedia file types, as well as the lack of workable defenses on the
part of OS X.

“Apple’s products are really friendly to users, and Safari is
designed to handle anything, including all kinds of file formats,”
he told Computerworld. “With a lot of functionality comes the increased chance of
bugs,”
he said, adding that “the more complex software is, the less secure it is.”

Specifically, Miller blamed the lack of so-called address space randomization technique, also known as ASLR,
in current OS X Leopard for making the OS X + Safari combo so easy to
hack. The design of Apple’s upcoming OS X version (dubbed Snow Leopard)
calls for the ASLR utilization as a means of improving overall system security, and we recognize that Safari 4 is currently still in beta and is not an officially released product.

Miller
hinted that other browsers are more secure than Safari, arguing that
$5,000 isn’t motivation enough to try crack IE8, Firefox or Chrome.
Nevertheless, if Apple’s Safari surrenders again within minutes, it
will be a big blow for Apple who likes pitching its software and the
operating system as rock solid.

 


SHINY AND TOASTED?
Security expert Charlie Miller humiliated Apple in 2008 by exploiting a Safari vulnerability, hacking into a Mac notebook within minutes. This year he claims Apple’s browser will fall once again at the upcoming Pwn2Own hacking contest, March 16-20 in Vancouver. He argued that OS X Leopard lacks a workable defense while Safari suffers from too much polish that increases the complexity of the underlying code, making exploits all too easy.