Warning this article may contain opinions of the author that you and iTWire don't agree with.
Visit the last page to have your say in our forum.

No. 1 Story

Telstra adds one million mobile services, but Sensis plummets

Telstra has revealed the addition of almost one million new mobile services in the six months to December 2011, but Sensis revenues plummeted 24 percent in 12 months.

 read more
StumbleUponSubmit to redditShare this on TwitterShare on facebook | Print |PDF 

More From

Two out of three ain't bad

Stephen Withers
Monday, 31 March 2008 05:43

Opinion and Analysis

Page 1 of 3
Of the three notebooks up for grabs in the PWN2OWN competition at CanSecWest, only two were hacked and won. But what does that say about the security of the operating systems they were running?
Microsoft Office 365 Get your free Trial
Not a lot, I'd suggest.

Firstly, none of the computers were compromised on the first day, which only allowed remotely exploitable vulnerabilities with no user interaction. That's the good news - it implies that the days of our computers being vulnerable to takeover just because they were connected to the Internet are over.

Secondly, you shouldn't read too much into reports about how little time any particular team took to break into a system. It's safe to say that hours of work went into developing the winning attacks, and that anyone capable of finding an suitable exploit would also be able to put together a tool that at least partially automates an attack.

Indeed, winner Charlie Miller told Computerworld that "It took us maybe a week altogether".

Nor is there any significance in how early in the day any particular computer was won. Teams were randomly allocated 30 minute slots to attempt their hacks, and once someone had succeeded no further exploits were accepted.


Start 1 2 3 Next 

Sponsored Announcements

Websense #1 in Web Security Fourth Year in a Row

David Bass | For the fourth year in a row, IDC has placed content security provider Websense (NASDAQ: WBSN) at the top of the IDC Worldwide Web Security 2011 –…

You may have missed


Advertisement

- sponsored feature -

The Death of Traditional BI: What’s Next?

How to Make Business Discovery Work for Your Business IP PABX BUYING GUIDE

Business Discovery takes its cues from consumer apps. Like Google, it encourages us- ers to hunt for and explore data without worrying about or even noticing the underly- ing technology. Their entire experience is working within an intuitive interface to get real-time, self-service results with only minimal training. ...more

Our Services for Technology Professionals

E - mail News SMS Headlines Desktop Alerts News Feeds Job Alerts Technology Events Press-Releases