Everyone’s software was cracked at Pwn2Own, which is a hacker’s conference, and this included Safari, which was taken down by Liang Chen, who took home $62,500 for the deed.
The conference was sponsored by Hewlett-Packard and saw $850,000 in prize money going out to hackers for cracking Safari, Chrome, Internet Explorer, Firefox and Adobe Flash.
Chen is part of a duo hacker team called Keen Team, and despite cracking Safari, he still has a lot of respect for Apple’s OS.
“For Apple, the OS is regarded as very safe and has a very good security architecture,” Chen said. “Even if you have a vulnerability, it’s very difficult to exploit. Today we demonstrated that with some advanced technology, the system is still able to be pwned. But in general, the security in OS X is higher than other operating systems.”
Chen exploited Safari by employing a heap-overflow-and-sandbox-bypass combination which took a reported three months to get right. Team Keen also won $75,000 for an Adobe Flash exploit, making their total winnings $137,500.
[via Forbes, image via Martin Treber’s flickr]