Hack a Mac, get $10,000

Two MacBooks wait to be hacked at CanSecWest in Vancouver, B.C.

(Credit: CNET News.com/Joris Evers)

VANCOUVER, B.C.--The prize in the hack-a-Mac contest at the CanSecWest conference here just got bigger.

TippingPoint, which runs the Zero Day Initiative bug bounty program, is offering to pay $10,000 to the hacker who commandeers one of two MacBooks. The target computers are connected to a wireless access point and fully patched, including the update for 25 vulnerabilities that Apple released on Thursday.

Originally a successful hack would be rewarded with the MacBook. There had been some rumblings among event attendees that the reward was not big enough to draw interest. To qualify for the $10,000 a successful attack has to be carried out with a new, yet-to-be-patched vulnerability, a TippingPoint representative at CanSecWest said.

CanSecWest organizers have set up the MacBooks with all security updates, but without additional security software or settings. Attendees are able to connect to the machines via the access point through Ethernet or Wi-Fi.

[Jon N.]

WOW!!!

The people with MAC's have always said that their OS X systems were better when it comes to being protected, and this is proof that APPLE and their customers are right! They're paying people in this contest to HACK A MAC! I don't know about you, but I always thought that the purpose to hack or crack a OS was for the street rep. No money involved, just the knowledge to be able to create havoc and chaos by cracking and muddying an OS, or App. Now these people are putting a financial battery on their shoulder, and daring you to knock it off! WOW! I can't wait to see this one pan out...if at all.

[Macsaresafer]

Today's the last day.

From: http://news.com.com/8301-10784-6171472-7.html

"The conference will be held April 18-20 in Vancouver, British
Columbia."

Better hurry if you want a computer and $10,000. You're running
out of time. What, no takers?


;)

[G0lluM14]

i'll bite...

I think the millions of people who have to deal with the incredible frustration of identity theft might disagree with your assertion of the motivation of most hackers.

Let's see, if I hack into a business' customer database I can score a gazillion credit card numbers. If I hack into Joe Schmo's Mac (because quite frankly you are not going to find a business' customer data hosted on an Apple machine)what can I get? His credit card info? Pics of his kids and cute vacation videos? A Photoshop doodle?

I'm not saying that one OS is better than the other. I am saying that ANY OS can be hacked. The question for the hacker is always "Is there any incentive for me to go to the trouble of doing this?" Which is why I do agree with you that the outcome of this challenge will certainly be interesting.

[Wingsy]

What OLD hack?

Wonder why the requirements state that it must be a "new" hack.
Just what OLD hack would anyone use to get in????

[rcrusoe]

Politically correct?

Perhaps by implying that remote hacks for the Mac have been available to hackers in the past, CNet is just trying to be politically correct.

You know, not making fun of the crippled, uh ... , I mean security challenged Windows users.

;)


OTOH, 15 years in I.T., has taught me that no OS is completely secure, so this will be interesting to watch.

[steve4lee]

old hack

Old hack? I thought you were referring to John Dvorak.

[edski1228]

How Many times do we have to do this......

"There had been some rumblings among event attendees that
the reward was not big enough to draw interest."
Gimmi a break. I haven?t seen a bigger pile of Horse Sh** since
the last time I went to the track. A free ($2500) laptop is not big
enough prize to prove all the Mac Fan Boys wrong and shut them
up once and for all? Oh, Oh wait here is the next excuse
"$10,000 is not enough for me to give away my code. I'll keep
my cracks to myself." Puh-lese!!!

OK Weenies lets prove the Security through Obscurity Myth. Get
all your scary good cracker friends together and once and for all
shut the Mac community up and prove them wrong. Should be
easy for you guys RIGHT!! You work on REAL Computers RIGHT!
Just a Mac and we know that Macs are toys RIGHT! Common
Pee-Cee Weeenies Show us what your really made of. Stop the
talk and the FUD and make me eat my words. Prove it!! I dare
you!! Just stop waisting our time with your Microsoft Elitist BS
with an OS that a 12 yearold can crack anytime she wants.

Oh, By the way?? Why dont I see any Windows system providers
making the same offer. Vista Security Wahhaahahahah.

[weegg]

tou'che

nm

[katamari]

Back to school...

s/Gimmi/Give me/
s/Horse Sh\*\*/horse sh**/
s/Weenies/weenies/
s/Security/security/
s/Obscurity Myth/obscurity myth/
s/guys RIGHT!!/guys, RIGHT?!/
s/Computers RIGHT!/computers, RIGHT?!/
s/toys RIGHT!/toys, RIGHT?!/
s/Common/Come on/
s/Pee-Cee Weeenies Show/PC weenies, show/
s/what your really/what you're really/
s/waisting/wasting/
s/yearold/year-old/
s/By the way\?\?/by the way,/
s/dont/don't/
s/same offer\./same offer?/

[pmchefalo]

As Far As I Know All Macs are Hacked ...

Prove otherwise.

If I had a crack for Macs I certainly wouldn't give it away right now, until I had wrung every cent out of it.

There's blackmail as an option, of Apple and some user I'm key-logging ...

Why should I let you fan-boys off the hook cheap by letting you know that you're rooted right now before I can exploit you?

[totorototoro]

Where is the XP, Vista, Linux Notebook?

Why not set them all up there to see if any of them get hacked?

[jimoase]

Why not all brands¿¿¿

I like the idea of a single brand hack contest because it focus all
the available creative energy on one operatiing system and
applications.

Having another contest for another brand and than another
would be interesting except that some brands have a history of
exploits so finding another exploit is not as interesting.

Lets get some focused effort on the Mac OS and crack it. Then
take on the other brands if you have the resources to fund such
contests.

JIm

[Siegfried Schtauffen]

Looks like the Mac lost

http://cansecwest.com/post/2007-04-20-14:54:00.First_Mac_Hacked_Cancel_Or_Allow