Potential to cheat
|
| Author | Content |
|---|---|
| jezuch Apr 04, 2008 2:50 PM EDT |
Disclaimer: I have no idea how this competition was organised. I'm not really amused by the results, because I sense a nice potential to cheat: the guys who tried to hack Ubuntu simply might have not tried hard enough, just to prove it's more secure. Linux conspiracy? You bet! ;) Could someone explain how this was prevented? |
| techiem2 Apr 04, 2008 2:55 PM EDT |
Well, considering the prize was money plus the laptop...that would seem to be a nice incentive to try your best...
Of course, there is the possibility that nobody tried because they hadn't figured out any 0day vulns for Ubuntu to even try to exploit. http://dvlabs.tippingpoint.com/blog/2008/03/19/cansecwest-pw... Gives a good explanation overall of how it was conducted. |
| land0 Apr 05, 2008 8:39 AM EDT |
If by "Linux conspiracy" you mean various individuals conspire on a daily basis to create secure operating systems. You bet! :D ;) |
| jezuch Apr 05, 2008 1:53 PM EDT |
techiem2: Ah, thanks, "monetary incentives" indeed usually work ;) land0: I'd like more conspiracies like this... ;) |
| TxtEdMacs Apr 05, 2008 6:26 PM EDT |
There is a significant loop hole, the same cracking code (technique) cannot be reused. Maybe the Apple Air was simply more attractive, certainly more expensive. The same might have been true with regard to the Vista machine. Think of the hardware necessary to run it! Therefore, Ubuntu not being cracked alone does not imply it is truly hardened against all attempts. It would be nice to believe but there is too little to conclude Ubuntu is as superior as some might wish to believe. Perhaps unidentified machines with hidden OS might be a better test, if they really are able to pass themselves off as something other than they are. MS was purposely crashing (or forbidding entry, forgot which) to Opera browsers, the work around was to pretend it was a Windows variant. How do you think MS got those high percentages? They love pirates and identity hiding. Edit: I use Ubuntu. |
| tracyanne Apr 05, 2008 9:25 PM EDT |
Perhaps they should make the prize money higher for the Linux box, that way we can be more certain they are trying. But given that the source code for most of the software running on the Linux box, with the exception of flash itself, is freely available, one does wonder why the Linux box wasn't easily pwned. |
| hkwint Apr 06, 2008 8:03 AM EDT |
Quoting:Perhaps unidentified machines with hidden OS might be a better test, if they really are able to pass themselves off as something other than they are. Very good idea. Now who will sponsor us with money + a laptop to offer as a reward for this quest? |
| theboomboomcars Apr 06, 2008 11:39 AM EDT |
He worked on both the Vista and the Ubuntu machines to try to get his exploit to work.
Quoting:Macaulay spent day three switching back and forth between the two machines, trying to get his Flash exploit to execute properly.http://www.theregister.co.uk/2008/03/29/ubuntu_left_standing... |
Posting in this forum is limited to members of the group: [ForumMods, SITEADMINS, MEMBERS.]
Becoming a member of LXer is easy and free. Join Us!