MacBook Hacking Contest Won ($10,000)
Macworld reports on a winning "hack" claimed by Shane Macaulay and Dino Dai Zovi for the Hack a Mac contest at CanSecWest this week.
The conference and contest took place between April 18-20th in Vancouver, British Columbia:
CanSecWest organizers will set up the MacBooks with their own access point and all security updates installed, but without additional security software or settings. Attendees will be able to connect to the machines via the access point through Ethernet or Wi-Fi, according to the CanSecWest Web site.
As originally planned, the rules for the hack a mac contest were relaxed on Friday after nobody had won the contest on the previous days. In the relaxed set of rules, a URL was provided that exposed Safari to a "specially-constructed Web page" which allowed the hacker to gain shell access to the MacBook.
The URL opened a blank page but exposed a vulnerability in input handling in Safari, Comeau said. An attacker could use the vulnerability in a number of ways, but Di Zovie used it to open a back door that gave him access to anything on the computer, Comeau said.
According to Matasano, Apple's most recent Security update does not address this specific issue with Safari.
Popular Stories
Apple today announced it will be permanently closing three retail stores in the U.S. in June, including Apple Trumbull in Trumbull, Connecticut, Apple North County in Escondido, California, and Apple Towson Town Center in Towson, Maryland.
Apple Towson Town Center in Maryland
Apple issued the following statement to MacRumors:At Apple, we are constantly striving to deliver exceptional service...
Apple today released a minor iOS 26.4.1 update for the iPhone 11 and newer. While the release notes for the update only mention unspecified "bug fixes," we have since learned about two specific changes that are included in it.
First, 9to5Mac spotted an Apple Developer Forums thread suggesting that iOS 26.4.1 fixes an iOS 26.4 bug that affected iCloud syncing in some apps.
Second, an...
As we wait for WWDC to kick off next Monday, Apple today announced the winners of its annual Apple Design Awards, recognizing apps and games for their innovation, ingenuity, and technical achievement.
The 2025 Apple Design Award winners are listed below, with one app and one game selected per category:
Delight and Fun - CapWords (App) and Balatro (Game)
Innovation - Play (App) and PBJ -...
Popular Stories
Apple today announced it will be permanently closing three retail stores in the U.S. in June, including Apple Trumbull in Trumbull, Connecticut, Apple North County in Escondido, California, and Apple Towson Town Center in Towson, Maryland.
Apple Towson Town Center in Maryland
Apple issued the following statement to MacRumors:At Apple, we are constantly striving to deliver exceptional service...
Apple today released a minor iOS 26.4.1 update for the iPhone 11 and newer. While the release notes for the update only mention unspecified "bug fixes," we have since learned about two specific changes that are included in it.
First, 9to5Mac spotted an Apple Developer Forums thread suggesting that iOS 26.4.1 fixes an iOS 26.4 bug that affected iCloud syncing in some apps.
Second, an...
As we wait for WWDC to kick off next Monday, Apple today announced the winners of its annual Apple Design Awards, recognizing apps and games for their innovation, ingenuity, and technical achievement.
The 2025 Apple Design Award winners are listed below, with one app and one game selected per category:
Delight and Fun - CapWords (App) and Balatro (Game)
Innovation - Play (App) and PBJ -...
