This year’s CanSecWest
conference in Vancouver, B.C. was once again host to the annual “Pwn2Own”
hacking contest, which demonstrated the power of intelligent exploitation by
researchers and members of the security industry.
Participants successfully hacked into some of the major
digital interfaces used by consumers and in some cases, assumed total control
over the device on which the software was installed without every coming into
contact with the machine.
The Apple iPhone and Safari web browser running on the Snow
Leapord OS, as well as both Mozilla Firefox and Microsoft Internet Explorer 8
running on Microsoft Windows 7, failed to stay secure when attacked by contest
participants. Ironically, the majority of these security breeches were
conducted by exploiting components of the software designed to increase
security, and one specifically, the Safari hack, was possible only after malicious
code was downloaded from an infected website.