Pwn2Own: iPhone BlackBerry Down, Android WP7 Untouched
Pwn2Own had a tremendous start with a MacBook Pro getting exploited in 5 seconds by Charlie Miller who has now walked off with an exploit four years in a row. Just staggering. IE8 and Firefox also fell and Chrome was untouched (the exploit for IE8 is patched in IE9). But moving on to mobility, the iPhone 4 was cracked in 5 minutes. It’s worth noting though that if you’ve upgraded to iOS4.3 then the exploit will not work any longer because of a secondary security feature that would have prevented it. The Blackberry also fell and that’s still open to vulnerability. Neither Android or WP7 were attacked though as the entrants backed out prior to the event. To be fair, there was an Android exploit that was just reported to Google and a smaller bounty was collected by the developer but had he waited on his hack he could have pulled off the exploit today. There’s still another day but it seems unlikely that anyone is going to take shots at Android, Chrome or WP7.
So what’s it all mean? The operating systems are pretty damn secure so it’s the user, not the OS that’s vulnerable.
@DK. Pretty good article especially after the bashing you’ve done about Android and how unsecure it is compared to WM7. Like my boy Charlie says “We are winning”.
Umm, there was still an Android vulnerability, it was just disclosed before the pwn2own conference. Not sure how much of a win that is, but I guess you take what you can get.
Thanks, great review to the important points. Some really great thoughts here, very comprehensive. I appriciate that!