February 7, 2008 7:34 AM PST
Vista, Leopard, Linux to compete in hack contest
- Related Stories
Year in review: Botnet gains, Web 2.0 painsDecember 31, 2007
Inviting the hackers insideDecember 4, 2007
Black Hat 'supersizes' in Las VegasJuly 30, 2007
Apple plugs QuickTime zero-day flawMay 1, 2007
Mac hacked through QuickTime flawApril 24, 2007
- Related Blogs
IE also affected by $10,000 QuickTime bug
April 25, 2007
Apple issues a security update for Quicktime 7.1.6
May 29, 2007
Run by the organizers of the CanSecWest Vancouver 2008 security conference, the competition is a repeat of the "PWN to Own" contest at CanSecWest in 2007, when security researchers competed to win a MacBook Pro and $10,000. The prize was shared between security researchers Dino Dai Zovi and Shane Macauley for their successful use of a zero-day QuickTime vulnerability, which they used to compromise the MacBook. The vulnerability was subsequently found to also affect Windows platforms.
The hacking competition at CanSecWest 2008 will pit the Linux, Leopard OS X, and Vista operating systems against each other, according to CanSecWest organizer Dragos Ruiu.
"The fur is flying right now about which is more secure--Linux, Vista, or Leopard," Ruiu said on Thursday. "Linux guys have their propaganda, Windows guys are saying this and that, Apple guys have buried their heads in the sand as usual. I guess the proof is in the pudding."
The prizes for the contest will be "several laptops," according to Ruiu. When he spoke to ZDNet UK, on Thursday, the security researcher was in Tokyo partly to organize a CanSecWest event and partly to go "shopping for laptops." Ruiu had not yet decided which laptops to buy, but said he was looking for something "new and thrilling."
"We want the prizes to inspire lust amongst geeks," said Ruiu. "It's going to be something lustworthy."
Last year the $10,000 prize money was supplied by security firm TippingPoint. This year's contest still needs a sponsor, and it is possible that the nature of the contest could still change, said Ruiu, although he declined to say what other form it might take.
Tom Espiner of ZDNet UK reported from London.
93 commentsJoin the conversation! Add your comment