March 31, 2008 8:33 AM PDT

Ubuntu Linux: Unhackable. The Mac? Safari proves its Achilles Heel

by Matt Asay
  • Font size
  • Print
  • Post a comment

A recent contest pitted Mac OS X, Windows Vista, and Ubuntu Linux against each other in terms of security. It took all of two days to hack the Mac (via a web browser exploit). Ubuntu Linux? Three days into the contest, it still hadn't been hacked.

It's very possible that the Mac was the first targeted because everyone wanted the prize: A spiffy new MacBook Air. But that's not the point. Using Firefox may well have resolved the problem, rather than sticking with Apple's Safari browser.

No, the point is that no one could hack Linux.

As for the Vista machine, the hackers are still trying to figure out whether to accept or reject the myriad of popups asking them if they really wanted to do X, Y, and Z. (I just installed Vista via Apple's Bootcamp so that I could run an application that I've been missing and was reminded of how tedious that OS can be about its nagging.)

Matt Asay brings a decade of in-the-trenches open-source business and legal experience to The Open Road, with an emphasis on emerging open-source business strategies and opportunities. Matt is vice president of business development at Alfresco, a company that develops open-source software for content management. He is a member of the CNET Blog Network and is not an employee of CNET. Disclosure. You can follow Matt on Twitter @mjasay.
Topics:

Apple,

Microsoft,

Industry news

Tags:

security,

Apple,

Mac,

Linux,

Ubuntu,

Vista

Share:
Digg
Del.icio.us
Reddit
Recent posts from The Open Road
An application war is brewing in the cloud
2010 the year of cloud-computing...M&A
Canonical shines its Ubuntu light on consumers
Open source became big business in 2009
Will we see an open-source IPO in 2010?
Could Apache keep Google's regulators at bay?
Red Hat's Q3 earnings defy gravity
Canonical's opportunity to simplify Ubuntu
Related
Canonical's opportunity to simplify Ubuntu
Ubuntu Linux founder stepping down as CEO
Canonical shines its Ubuntu light on consumers
Running World of Warcraft in Ubuntu Linux
In mobile, do developers or consumers matter most?
Eucalyptus open-sources the cloud (Q&A)
Verizon sees rise of 'slate' computers in 2010
Chrome edges out Safari in browser usage
by KeeganHill March 31, 2008 8:59 AM PDT
Exactly why I use Camino. It's fast and safe; Safari is like internet explorer, it's just stupid to use it.
Reply to this comment
by mattheid March 31, 2008 9:41 AM PDT
I think you "facts" slightly incorrect.
For starters it did not take the Hackers "all of two days to hack the Mac" it took two minutes at the start of the second day. The first day of the contest only allowed exploits with remotley executing code. On the second day the hackers were allowed send emails that linked to a website with malicious code that took out the apple.
The hackers who hacke the air didn't do it because they wanted the laptop, they did it because they fealt it was the easiest to hack.
Also, the vista machine was hacked about 3 days ago. I believe your source may be alittle out of date.
And lastly, some of the hackers said they could have hacked the Ubuntu machine, but they didn't want to right the code required to do so.

It's not that Linux couldn't be hacked, but that no one wanted to hack it. It maybe more secure, but that doesn't mean it is absolutely secure.
Reply to this comment
by TimBowden March 31, 2008 11:49 PM PDT
From what I've heard the exploit that worked on the Vista box probably could be modded to work on the Ubuntu box according to the Author. Still, not a bad result.

Whilst it doesn't prove Linux is more secure, it certainly does prove having the code in the open doesn't make it less secure. Given the talent in the room, the skills were certainly there to take advantage of access to the source code. If we accept there was plenty of motivation to hack and crack, we can only conclude that system security wasn't compromised by having the code out in the open. In other words, /at the very least/ there was no net loss to security by the process of opening the code and having it peer reviewed and tested. Hopefully we can put to bed once and for all the idea of security by obscurity.
Reply to this comment
by oyster11 April 1, 2008 6:33 PM PDT
It would be fun to see them try an OpenBSD machine. Would anyone even bother?
Reply to this comment
by neildulog June 19, 2009 8:25 AM PDT
Linux unhackable? Not really!
Its called RESPECT. Why would you hack or crack something you and your peers and community helped to build.
Reply to this comment
advertisement

15 sites that went kaput in 2009

Web sites launch all the time, but they also shut their doors. We highlight 15 that bit the dust this year.

Top 10 news stories of the decade

Let the debate begin: Was the iPhone more important than iTunes? Was anything bigger than Google finding a great business model? CNET offers its list of the 10 most important stories of the '00s.

About The Open Road

Matt Asay brings a decade of in-the-trenches open-source business and legal experience to the Open Road, with an emphasis on emerging open-source business strategies and opportunities. Matt is general manager of the Americas division and vice president of business development at Alfresco, a company that develops open-source software for content management. He is a member of the CNET Blog Network and is not an employee of CNET. Disclosure.

Add this feed to your online news reader

The Open Road topics

advertisement
advertisement

Inside CNET News

Scroll Left Scroll Right
News
News site map
Latest headlines
Contact News
News staff
Corrections
CNET blogs
Popular topics
Apple iPhone
Apple iPod
Cell phones
CES 2010
GPS
LCD TV
CNET sites
CNET Site map
CNET TV
Downloads
News
Reviews
Shopper.com
More information
Newsletters
CNET Mobile
Customer Help Center
RSS
CNET Widgets
About CNET