Has GNU/Linux Won Pwn2Own Again?

Dr. Roy Schestowitz

2009-03-20 14:25:30 UTC
Modified: 2009-03-20 14:25:30 UTC

Novell shield

Summary: GNU/Linux is a no-show, but it was last year's winner

A LOT of people may not remember this, but Apple's Mac OS X was the first to fall last year due to a flaw in Safari (proprietary) and Windows Vista was second. Ubuntu GNU/Linux, which was there for people to crack, stayed untouched until the end and thus won. It's a similar story this year, but having already emerged victorious, Mr. GNU/Linux did not bother attending to defend its title. This is of course a mostly tongue-in-cheek statement, but nonetheless, here is the coverage from Heise:

Safari was the first to fall this week at the Pwn2Own 2009 security competition held at the CanSecWest conference in Vancouver, Canada. The competition, sponsored by TippingPoint Technologies, awards a prize for each vulnerability found on various mobile phone platforms and internet browsers. Participants were invited to attack Internet Explorer 8, Firefox and Google Chrome on Windows 7 and Safari and Firefox on Mac OS X, each of which was fully patched.

Heise has another interesting story about Windows Trojans in ATMs

Windows Trojan on Diebold ATMs

Vanja Svacjer, a virus expert for Sophos, has reported his latest find in a blog entry: a Trojan that spies on PINs. The difference is that this example specialises in cash dispensers made by Diebold, which run Windows.

It is utterly foolish to run ATMs on Windows for reasons that we listed before using plenty of evidence.

As a side note, we still try to determine or at least wait for a response from Apple regarding its new headphones. Is the following report truthful? It is being actively challenged.

"Latest iPod Suggests that Apple Still Loves DMCA-Assisted Lock-in

Back in January, we noted that despite Steve Jobs's posturing on the music DRM front, Apple remains a big supporter and user of DRM and DRM-like schemes throughout their product lines. Over at the EFF blog, Fred von Lohmann suggests another potential example. The new iPod Shuffle has no buttons; the controls are on the included headphones.

Until Apple sheds some light it will remain an area that is hard to comment on. ⬆

Recent Techrights' Posts

Free University of Bozen-Bolzano Proud to Host Free Software Talk by Richard Stallman: ahead of Monday's talk
Slopwatch: Anti-Linux Machine-Generated FUD (LLM Slop) From GBHackers, CybersecurityNews, and Guardian Digital, Inc (Google News Promotes Slop Plagiarism, Misinformation): Companies that lie try to drown out the signal with falsehoods
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Friday, February 21, 2025: IRC logs for Friday, February 21, 2025
The Streisand Effect is Real: So don't be evil. Also, don't strangle women.
Links 21/02/2025: Linux Foundation Openwashing, Microsoft Copilot Goes Down: Links for the day
Links 21/02/2025: Doomscrolling and European Ham Radio Show: Links for the day
Links 21/02/2025: TikTok Layoffs, WebOS Software Patents in Bad Hands: Links for the day
Gemini Links 21/02/2025: Web Browsers, Mechanical Shortcuts, and Internet Hygiene: Links for the day
Richard Stallman 'Only' Founded the FSF: there's no reason to be upset at the FSF for keeping their founder in the Board
Techrights Disconnected From the United States Two Years Ago: Did people really need to wait for the US government to become this hostile towards the media before recognising the threat?
Before Trying Censorship by Extortion the Serial Strangler From Microsoft Literally Begged Us to Delete Pages: This is very clearly just a broad campaign of intimidation
Hype Watch: Weeks After Microsoft Disappointed Investors With "Hey Hi" It's Trying Some "Quantum" Hype (Adding Impractical Vapourware to Accompany This Hype and Even LLM Slop in 'News' Clothing): Remember "metaverse"? What happened to media hype about "blockchain" and "IoT"?
Report About February Mass Layoffs at Microsoft (Third Wave of Microsoft Layoffs in 2025) Comes Back From the Dead: Yesterday we wrote about an article in CRN (reporting Microsoft layoffs) being removed without any reasons specified
Links 21/02/2025: Myanmar Scam Centre and Disruptions at USPTO: Links for the day
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Thursday, February 20, 2025: IRC logs for Thursday, February 20, 2025
gbhackers.com is Not Hackers, It's LLM Slop Outputs (Fake 'Articles') That Attack 'True Hackers': A site called linuxsecurity.com keeps doing this and now we see the slopfarm gbhackers.com doing the same
Gemini Links 20/02/2025: Law of Warming and Cooling, Health, and Devlog: Links for the day
linuxsecurity.com Continues to Spread Lies or Machine-Generated FUD (Microsoft LLMs Likely the Source) About OpenSSH and Linux: this LLM problem is global
Links 20/02/2025: Microsoft Infosys Layoffs and IRS Layoffs (Good News for Rich Tax Evaders): Links for the day
IBM Layoffs in Europe Already Happening or Underway (UK and Spain). They Try Not to Call These "Layoffs".: "CIO" in particular was repeatedly mentioned lately, as was Consulting
People Who Came From Microsoft Demanding Removal of Articles About Them, About Microsoft, and About Microsoft GitHub is "Generous" (According to Them): Imagine choosing a law firm that borrows money in the same year just to avoid overdraft in the bank!
Possibly a Third Round of Mass Layoffs at Microsoft in 2025 ("Cloud Solution Architects, Customer Roles"), Report Removed or Censored: This is literally the top story for "microsoft layoffs" right now
Instead of 'DoS Protection' Cloudflare is Allegedly Conducting 'DoS Attacks' on Users of Browsers Other Than Firefox and GAFAM's DRM Sandboxes (Chrome, Safari and Others): If you value the Web, you will avoid Cloudflare
Mixing Real With Fake in One 'Article' (by "Director of Content, Help Net Security"): From what we can gather, he got machines to generate some slop for him
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Wednesday, February 19, 2025: IRC logs for Wednesday, February 19, 2025