A team of security researchers have won themselves $10,000 for hacking into the MacBook Air in under two minutes by exploiting a Safari vulnerability.
This was done at the CanSecWest conference where there is a competition for hacking into the MacBook Air, Vista and Ubuntu. IDG News Service is reporting that on the first day, no one managed to execute any code as it was limited to over-the-network techniques on the OS itself.
The second day saw the rules changed to allow attacks done by tricking somebody to access a malicious website or e-mail. Hackers were allowed to target “default installed client-side applications,” like web browsers.
The researchers already had an attack code already set up on a website and retrived a file after “tricking” the judges to visit the site.
The winners signed a non-disclosure agreement so that this could not be exploited and a site said that Apple has been informed about the vulnerability.