How I Came to Get a PC and Not a Mac

          

News Commentary. Microsoft’s “Laptop Hunters” commercials have generated lots of Mac vs. Windows PC debate. Surely there can’t be enough, so I’d like to generate even more. Quite unexpectedly, I’m a PC. I don’t buy new computers very often, and for a long time I slightly favored Macs over Windows PCs. So no one perhaps is more surprised than me that my now four-month old laptop is a Sony and not an Apple. Continue reading →

Pwn2Own contest winner: Macs are safer than Windows

    

Charlie Miller, the security expert who won both this and last year’s CanSecWest Pwn2Own security contests by exploiting Macs running Safari, repeated in an interview that he’d recommend Macs to typical users as a safer alternative to Windows PCs.

Following both Pwn2Own contests, numerous sensationalist headlines played up the idea that a Mac had been “cracked in seconds,” conspicuously neglecting to mention what Miller called “the many days doing research and writing the exploit before the day of the competition,” enabling him to discover the bugs and develop a way to successfully exploit them on the first try at the event. Continue reading →

Apple Safari Beta 4 for Windows and Mac

                                

Apple launched the first beta of Safari 4, the new version of its web browser for both Windows and Mac OS X computers. Safari 4 brings a lot of new features, including full history search, a smart address field, and full-page zoom. Apple also claims that Safari 4 runs much faster due to its new JavaScript engine.

  Continue reading →

Do we need a unified Linux front?

The U.S. Constitution makes a point of guarding against tyranny through a series of checks and balances. The software market, it turns out, is no different.

Or, rather, it could turn out to be that way. Windows has stood alone for more than a decade as the dominant operating system for personal computers, and it had a growing lock on the server too. But then Linux happened, and Apple’s Mac OS X is increasingly spoiling the Windows party (though some recent data suggests that Microsoft’s “I’m a PC” marketing may have actually paid off).

Linux provides an effective check on Microsoft’s ambitions to own the operating-system market. The question then becomes: how many Linux distributions is optimal for keeping Microsoft honest?

Paul Rubens at ServerWatch makes a compelling argument that one Linux is better than many for the purpose of keeping Windows in check, and the clear candidate to take that mantle is Red Hat, not Novell’s Suse Linux. He explains:

Some might say SLES (Suse Linux Enterprise Server) is the obvious candidate in that it’s backed by Novell, and with other strings to its bow, Novell should be better able to withstand any price wars or other financial problems a Linux champion might encounter. But there’s a problem with this argument. Over the years, Novell has comprehensively had its (rear) whipped by Microsoft. What it comes down to is this: Microsoft is a winner while Novell is a perennial loser.

But it gets worse. Novell, as we all know, is in Microsoft’s back pocket when it comes to SLES. The Redmond giant subsidizes SLES by buying support coupons off Novell (it’s committed to up to $340 million worth so far), which it uses to get Microsoft customers who are interested in Linux to spurn Red Hat.

Novell, in other words, is not a good counterbalance to Microsoft, because it’s somewhat dependent on Microsoft. The VAR Guy rightly suggests that a strong showing by Novell’s Suse Linux is critical to ensuring that Red Hat doesn’t become Redmond, but this point is mitigated by Novell’s affiliation with Microsoft.

Red Hat, however, has not actively taken the fight to Microsoft, and it needs to expand its solution footprint in order to effectively compete with Microsoft. Microsoft is much more than an operating-system company. Red Hat has started to build out its portfolio with JBoss, but more is needed.

Once Red Hat lives up to its brand and expands its range of offerings, we’ll have a real competitor to Microsoft, rather than the Unix-and-BEA-replacement company that Red Hat largely is today. As for keeping Red Hat honest, I suspect that Canonical’s Ubuntu will play that role, rather than Novell. Novell needs to shed its too-close affiliation with Microsoft in order to effectively counterbalance Microsoft and Red Hat.

Researcher cracks Mac in 10 seconds at PWN2OWN, wins $5K

Charlie Miller defends his title; IE8 also falls on Day 1 of hacking contest

March 18, 2009 (Computerworld) Charlie Miller, the security researcher who hacked a Mac in two minutes last year at CanSecWest’s PWN2OWN contest, improved his time today by breaking into another Mac in under 10 seconds.

Miller, a principal analyst at Independent Security Evaluators LLC, walked off with a $5,000 cash prize and the MacBook he hacked.

“I can’t talk about the details of the vulnerability, but it was a Mac, fully patched, with Safari, fully patched,” said Miller Wednesday not long after he had won the prize. “It probably took 5 or 10 seconds.” He confirmed that he had researched and written the exploit before he arrived at the challenge.

The PWN2OWN rules stated that the researcher could provide a URL that hosted his or her exploit, replicating the common hacker tactic of enticing users to malicious sites where they are infected with malware. “I gave them the link, they clicked on it, and that was it,” said Miller. “I did a few things to show that I had full control of the Mac.”

Two weeks ago, Miller predicted that Safari running on the Mac would be the first to fall.

PWN2OWN’s sponsor, 3Com Inc.’s TippingPoint unit, paid Miller the $5,000 for the rights to the vulnerability he exploited and the exploit code he used. As it has at past challenges, it reported the vulnerability to on-site Apple representatives. “Apple has it, and they’re working on it,” added Miller.

According to Terri Forslof, the manager of security response at TippingPoint, another researcher later broke into a Sony laptop that was running Windows 7 by exploiting a vulnerability in Internet Explorer 8. “Safari and IE both went down,” she said in an e-mail.

TippingPoint’s Twitter feed added a bit more detail to Forslof’s quick message: “nils just won the sony viao with a brilliant IE8 bug!”

Forslof was not immediately available to answer questions about the IE8 exploit.

TippingPoint will continue the PWN2OWN contest through Friday, and will pay $5,000 for each additional bug successfully exploited in Apple Inc.’s Safari, Microsoft Corp.’s Internet Explorer 8, Mozilla Corp.’s Firefox or Google Inc.’s Chrome. During the contest, IE8, Firefox and Chrome will be available on the Sony, while Safari and Firefox will be running on the MacBook. The researcher who exploited IE8 will, like Miller, be awarded not only the cash, but also the laptop.

“It was great,” said Miller when asked how it felt to successfully defend his title. “But I was really nervous for some reason this time. Maybe it was because there were more people around. Lucky [the exploit] was idiot-proof, because if I had had to think about it, I don’t know if I’d had anything.”

This year’s PWN2OWN also features a mobile operating system contest that will award a $10,000 cash prize for every vulnerability successfully exploited in five smartphone operating systems: Windows Mobile, Google’s Android, Symbian, and the operating systems used by the iPhone and BlackBerry.

Miller said he won’t enter the mobile contest. “I can’t break them,” said Miller, who was one of the first researchers to demonstrate an attack on the iPhone in 2007, and last year was the first to reveal a flaw in Android. “I don’t have anything for the iPhone, and I don’t know enough about Google.”

The “We’re Linux” Video Contest

If you’ve been alive and aware of mass media over the last twelve months, you’ve probably seen television commercials from Apple and Microsoft touting their operating system. From Apple’s ubiquitous “I’m a Mac” to Jerry Seinfeld to Microsoft’s “I’m a PC” retort, operating system commercials have been flooding the airways. Except one OS has been notably absent – Linux.

While the Linux Foundation would love to spend millions promoting Linux on TV, it’s simply not our style (or in our budget). Even more importantly, Linux isn’t a top-down, commercially controlled operating system. It’s a grassroots product of mass collaboration. That’s why we’re sponsoring a community contest to create a Linux video that showcases just what Linux means to those who use it, and hopefully inspires many to try it.

The winner will receive a free trip to Tokyo, Japan to participate in the Linux Foundation Japan Linux Symposium in October 2009. The winning video will also be unveiled at the Linux Foundation’s Collaboration Summit in San Francisco on April 8, 2009.

Click here to vote