Pwn2Own Winner to Share Hacking Techniques with Apple

| News

Security research specialist Charlie Miller isn’t planning on sharing the exploits he found in Apple’s Safari Web browser to hack a MacBook in the CanSecWest Pwn2Own contest. Instead, he plans to share his techniques with the company so they can improve product security, according to ZDNet.

Mr. Miller used a technique called “fuzzing” to look for potential flaws in applications ahead of the event and uncovered several in Safari along with some in Adobe and Microsoft applications. “I’m one guy working out of my house. I shouldn’t be able to find bugs like these, ever,” he said.

Instead of turning over his exploits to the companies, however, Mr. Miller plans to show them how they can uncover the same flaws.

The companies, and end users, won’t have to worry about Mr. Miller’s work falling into the wrong hands. He doesn’t plan to release the information to the public, and TippingPoint Zero Day Initiative will handle getting the data to Apple, Adobe and Microsoft.

Sign Up for the Newsletter

Join the TMO Express Daily Newsletter to get the latest Mac headlines in your e-mail every weekday.

1 Comments

AlaskaBoy

Sounds like the ‘company’ should be eagerly hiring him (or anyone) as a part-time ‘hacking’ consultant.  If the man can produce proof of the flaws in the program’s security, pay him.  If not, throw the bum out.  Am I missing something here?

Log-in to comment