Pwn2Own had a tremendous start with a MacBook Pro getting exploited in 5 seconds by Charlie Miller who has now walked off with an exploit four years in a row. Just staggering. IE8 and Firefox also fell and Chrome was untouched (the exploit for IE8 is patched in IE9). But moving on to mobility, the iPhone 4 was cracked in 5 minutes. It’s worth noting though that if you’ve upgraded to iOS4.3 then the exploit will not work any longer because of a secondary security feature that would have prevented it. The Blackberry also fell and that’s still open to vulnerability. Neither Android or WP7 were attacked though as the entrants backed out prior to the event. To be fair, there was an Android exploit that was just reported to Google and a smaller bounty was collected by the developer but had he waited on his hack he could have pulled off the exploit today. There’s still another day but it seems unlikely that anyone is going to take shots at Android, Chrome or WP7.
So what’s it all mean? The operating systems are pretty damn secure so it’s the user, not the OS that’s vulnerable.