Monday, March 22, 2010

What Does Hacker Charlie Miller Have Up His Sleeve For Pwn2Own 2010?

Charlie Miller quickly gained notoriety two years ago at the CanSecWest security conference when he and his team used an exploit in the Safari web browser to hack the brand new MacBook Air in just under 2mins winning himself and his team not only the new MacBook Air but also $10,000 from security firm TippingPoint Technologies.

A year later he repeated the feat when he used yet another of his already known exploits to win him his second MacBook Air and an additional $5,000.

This year looks like it will be a three-peat for Miller who took second slot and first draw for Safari yet again. The security expert claims to have found no less than 20 zero-day exploits within OS X. Miller via Twitter last week stated he will present details on how he found the exploits during the conference but he made it clear he will not reveal the exact details on how the exploits work.

While the full details will not be disclosed Miller eluded to the approach in finding the zero-day flaws. According to his interview with Heise Security, Miller discovered the new vulnerabilities by fuzzing, a process which involves bombarding an application's input channels with as much corrupted data as possible. His presentation is subtitled: "An analysis of fuzzing 4 products with 5 lines of Python". The expert explained: "The talk is about what you really find when you fuzz and it tries to draw conclusions about what to expect in the future when you fuzz a mature product." Parts of the presentation apparently consist of statistics, for instance, about which percentage of flaws causes crashes, and which percentage can be exploited remotely.

Pwn2Own 2010 should be an interesting event this year, not only because of the flaws Miller found but because many including Miller himself are predicting the fall of the iPhone this year, this coming in-spite of the fact that last year not a single smartphone was hacked.

If you want full detail on the event including a schedule checkout the TrippingPoint Blog and to follow along with real-time updates and real-time feedback follow the TippingPoint Zero Day Initiative via theirTwitter account @theZDI.

No comments:

Post a Comment

All comments will be moderate for content, please be patient as your comment will appear as soon as it has been reviewed.

Thank you