In the hands of hackers, Apple iPhone 4 and BlackBerry Torch made by Research In Motion (RIM) appeared to still be uprooted security system. The hackers who participated in the Pwn2Own contest in Vancouver, Canada, 9-11 March 2011, managed to conquer these two smartphones.
Three researchers with the name Team Anon successfully penetrate BlackBerry Torch security systems and found many weaknesses in the Webkit or browser rendering engine. They managed to smuggle the program by exploiting a number of weaknesses and proved to steal contact lists and databases of images.
Despite many shortcomings, it’s not easily penetrate the BlackBerry. This is because there is no documentation for the public about the operating system. Therefore, hackers have to do trial and error techniques to try to penetrate. Webkit is one part of a potential easy target. BlackBerry Torch is the first BlackBerry device that uses WebKit in its browser.
However, the browser still has not completed the address space layout randomization (ASLR) and Data execution prevention (DEP). The fall of the BlackBerry 9800 with OS 6.0.0.246 due, bug and defect information on a separate integer overflow from WebKit.
According Iozzo, though it is still spelled out than the iPhone from the security side, the closure of the BlackBerry became a separate obstacle.
Meanwhile Android dan Windows Phone 7 survive.
PC Operating System
Safari and Microsoft Internet Explorer (IE), both fall into the hands of hackers at the opening of the annual Pwn2Own event. A team of French company, Vupen walked away with carrying new MacBook Air and spending money worth $ 15,000 because of the weakness of the safari browser that has not been updated.
HP TippingPoint, a security company that sponsors Pwn2Own said, this is the last minute and Vupen Apple's Safari browser to update their security so it can’t be hacked, if it fails they should prepare money as a gift that has been agreed.
Safari with Vupen still have a chance to win, if the weaknesses of Safari 5.0.4 are able improved by Vupen so it can’t be hacked and they didn’t have to give money worth $ 15,000 to TippingPoint.
The opposite can happen if Safari didn’t fixed then the committee will receive the money worth $ 15,000 and will also freeze their browser on the MacBook Air that utilizes their update error.
Mozilla Firefox 3.6 and Google Chrome 9 is considered to be the safest browser at the moment because hackers didn’t or maybe haven’t found the weaknesses.
Comments