Submission + - Safari To Fall First in Hacking Contest ... Again? (computerworld.com)
CWmike writes: Apple's Safari will be the first browser to fall next month at the Pwn2Own hacking challenge, the contest organizer has predicted.'Safari will be the first to go,' said Aaron Portnoy, security research team lead with 3Com TippingPoint, the sponsor of Pwn2Own, which starts on March 24. However, researcher Charlie Miller, who hijacked a Mac in less than five seconds through Safari last year to win $5,000, and $10,000 by hacking a MacBook Air in 2008 in under two minutes at Pwn2Own, again by exploiting a Safari bug, says he's not as certain as Portnoy that Apple's browser will tumble first. 'Unlike previous years, I'd say Safari isn't significantly easier than the browsers on Windows,' Miller said. 'I say this because Snow Leopard finally has DEP [Data Execution Prevention]. Also, because at Black Hat DC, Dion Blazakis showed how to defeat DEP in [Windows] browsers. The only difference is that Safari has a bigger attack surface, and includes, for example a PDF reader (Preview) and Flash.'