Time to push the panic clit again as Apple product get hacked at the annual competition seemingly name by 8th grader , CanSecWest Pwn2Own ! Are n’t hackers endearing ? !
( Answer : no , they are not . )
iPHONE HACKED! (Others also hacked. See page D13.)
sensitive critic that he is , the Macalope has some complaint about how the results of Pwn2Own were account . It was sluttish to lack it in the headlines , but IE 8 and Firefox , both run for on Windows 7 , were also hacked . Which puts Safari in , well , pretty icky company . Apple top out most of the reports credibly because multitude are so used to intend of Windows as being unsafe that it ’s not news program anymore . extolment to Google Chrome for being the only internet browser to remain unhacked at the end of the contest .
The Macalope ’s moderately tired of what has become the de rigueur and breathless inclusion of “ was hacked within seconds!”—as if these guys had never see an iPhone or IE 8 before and figured out how to cut it that fast . The succeeder actually spenttwo hebdomad coming up with the iPhone blast .
The time interval is really only interesting in term of the competition . In the real earthly concern , what matters is if the tone-beginning is successful or not , not how prospicient it fill . If someone steals your social security measures number , it does n’t count whether they did it 15 minutes or 20 sec .
At the end of the day , what cyber-terrorist are able to get at are the system - all-inclusive feature we already know to be vulnerable : SMS , contact , email , pictures and iTunes ( the winner pick out SMS , making off with the intact database ) . The iPhone proved more secure than any of the desktop platforms that were hacked because the assailant was still ineffectual to get out of the sandpit , yet the iPhone jade topped the newsworthiness . in person , the Macalope find it interesting that the IE 8 hack writer overcameASLR , one of the Windows surety features Microsoft was so loudly spat on the back for append .
The Macalope ’s certain this is n’t the shell with everyone , but he thinks anyone cut up intohisSMS database is going to be pretty disappointed . There ’s three texts from supporter that read “ WHERE ARE WE get together ? ” and a duo of pic of his nude antlers he sent to his wife . That ’s it .
OK , maybe there ’s a black marketplace time value for the pictures , but probably not much . And , um , if anyone does ever see them on the Internet , the Macalope would just like to point out it wasreallycold when he took them .
She’s a witch! Burn her!
Do n’t recall the iPhone ’s mortal insecurity has gone unnoticed . A resume of security professionals — who undoubtedly all use nothing but Google Chrome at the work and not IE 8 ( cough ) — tagged the iPhone as the most unsafe mobile machine .
The iPhone is the highest - risk smartphone to carry into the work , a bailiwick of security professionals constitute on Thursday . Of those asked by nCircle , 57 per centum say Apple ’s phone is the worst mobile equipment threat , followed in a remote indorsement by Android at 39 percent .
hold back , Androidgets a good evaluation ?
The statements come up despite Android lacking hardware encryption and having features that , while powerful , impart themselves more to surety risks . As apps do n’t always need to be signed and can expose characteristic such as the file cabinet system , Android devices can theoretically have all their data compromise in software and be used to convey off data of their own .
And isn’tthatrevealing about our very serious security professionals ?
You make love what might be a slimly tough workplace risk than the iPhone ? Security “ specializer ” who make descisions base on their personal bias rather than genuine menace .
Don’t shoot the messenger, no matter how obnoxious he is
Far be it from the Macalope to suggest that Apple base its ontogeny decisiveness on his level of amusement , but he’sso boredwith this security stuff and nonsense he could bang his antlers against a rock . He wishes the company could flap a magical wand and make it go away , but they ca n’t . As Pwn2Own winner Charlie Miller suggests , Apple ( and the other company ) need to take a more comprehensive approach to security than just patching gob .
The security system mafia ( “ That ’s a nice operating organization you got there . It’d be a shame if something were to happen to it . ” ) incline to give Microsoft more of a pass because Microsoft is more clear open about its problem and how it profess , uh , plansto deal with them . Apple , as we know it , is only never pass away to be that open . The only way for Apple to protect its vantage and make this a non - issue is to take care at security holistically ( the iPhone sandpit environment is actually a good outset ) . The Trojans may have foundCassandraannoying , but that cavalry was even more pesky .
[ Not enough Macalope for you ? The horned one was also a guest on this week ’s Macworld Podcast . ]
