Has GNU/Linux Won Pwn2Own Again?

Dr. Roy Schestowitz

2009-03-20 14:25:30 UTC
Modified: 2009-03-20 14:25:30 UTC

Novell shield

Summary: GNU/Linux is a no-show, but it was last year's winner

A LOT of people may not remember this, but Apple's Mac OS X was the first to fall last year due to a flaw in Safari (proprietary) and Windows Vista was second. Ubuntu GNU/Linux, which was there for people to crack, stayed untouched until the end and thus won. It's a similar story this year, but having already emerged victorious, Mr. GNU/Linux did not bother attending to defend its title. This is of course a mostly tongue-in-cheek statement, but nonetheless, here is the coverage from Heise:

Safari was the first to fall this week at the Pwn2Own 2009 security competition held at the CanSecWest conference in Vancouver, Canada. The competition, sponsored by TippingPoint Technologies, awards a prize for each vulnerability found on various mobile phone platforms and internet browsers. Participants were invited to attack Internet Explorer 8, Firefox and Google Chrome on Windows 7 and Safari and Firefox on Mac OS X, each of which was fully patched.

Heise has another interesting story about Windows Trojans in ATMs

Windows Trojan on Diebold ATMs

Vanja Svacjer, a virus expert for Sophos, has reported his latest find in a blog entry: a Trojan that spies on PINs. The difference is that this example specialises in cash dispensers made by Diebold, which run Windows.

It is utterly foolish to run ATMs on Windows for reasons that we listed before using plenty of evidence.

As a side note, we still try to determine or at least wait for a response from Apple regarding its new headphones. Is the following report truthful? It is being actively challenged.

"Latest iPod Suggests that Apple Still Loves DMCA-Assisted Lock-in

Back in January, we noted that despite Steve Jobs's posturing on the music DRM front, Apple remains a big supporter and user of DRM and DRM-like schemes throughout their product lines. Over at the EFF blog, Fred von Lohmann suggests another potential example. The new iPod Shuffle has no buttons; the controls are on the included headphones.

Until Apple sheds some light it will remain an area that is hard to comment on. ⬆

Recent Techrights' Posts

Microsoft-Sponsored Xenophobia and Nationalism: IBM is very similar in this regard
Tentative Summary of Things to Publish in Project 2030: I'll still be in my forties by then
Rust People: Drain the Swap, You're Holding It Wrong: Does Rust make sense?
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Saturday, September 20, 2025: IRC logs for Saturday, September 20, 2025
Gemini Links 20/09/2025: Snowy Photos and utism is a Spectrum: Links for the day
Vintage is Sometimes Better: Why can't we get back to "simple" if (or where) "simple" means better?
Climate Breakdown Means We'll be Publishing More, Not Less: Press freedom will be a common, recurring theme
Our 5-Year Geminispace Anniversary is Coming Up: I still remember when Gemini Protocol was quite new
It's Right to Point Out Violence From the Right: Violence is a recurring theme
Web Browsers That "Do Hey Hi" (AI): State-of-the-art plagiarism or "autocomplete on steroids" (not coined by us, nevertheless a nice description) don't have much/any prospect
Links 20/09/2025: Hardware Projects in View, Some Independent Publishers About Russia Prosper After Cheeto Cuts Funding: Links for the day
Gemini Links 20/09/2025: Options and TV Time Machine: Links for the day
Links 20/09/2025: Retrocomputer, Antique Phone Experience, and More: Links for the day
Links 20/09/2025: Internet Shutdowns, Media Censorship, and Climate Worries: Links for the day
About 700 New Gemini Capsules in 13 Months (or 54 Per Month): 4.8K would represent a 20% increase
Techrights the Name Turns 15: About 6 weeks from now we turn 19
Microsoft is Running Out of Time and Floating Fake Figures, Fake Projects, Fake Narratives, Fake Excuses: Also, a lot of Microsoft's "revenue" claims are circular financing (i.e. Microsoft buying from itself, which means Ponzi-like fraud)
Slopwatch: LinuxSecurity, linuxconfig.org, and Plagiarised Phoronix: Many articles out there are nowadays fake
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Friday, September 19, 2025: IRC logs for Friday, September 19, 2025
Gemini Links 20/09/2025: Navigating the Pressures of Modern Life and SpellBinding Accidentally Wrote Another Gemini Server: Links for the day
Links 19/09/2025: Press Freedom Dying in US, Anti-Austerity Strikes in France, and Alan Rusbridger to Leave 'Prospect': Links for the day
European Patent Office Illegally Gutting and Outsourcing Its Functions, Acting Like an Above-the-Law Commercial Business (It Won't Stop at Formalities Officers (FOs) and Classification Slop at the EPO): breaking/violating laws and conventions
Offloading to the Sister Site: In the interest of not overwhelming readers
Links 19/09/2025: Coffee Club and "SpellBinding is Now Absurdly Fast": Links for the day
Links 19/09/2025: Lobbyist of American GAFAM Becomes Data Protection Commissioner in Europe: Links for the day
Links 19/09/2025: Media Freedom Ceases to Exist in US, "Consider Dropping Twitter/X": Links for the day
Gemini Links 19/09/2025: Thinking and Insect Bites: Links for the day
Microsoft E.E.E.: Git Will Now (or Very Soon) Fully Depend on Rust, Which is Controlled by Microsoft: Microsoft now makes Git dependent on Rust, or making Git dependent on GitHub, which is proprietary
The Right to Punch People (Apparently): At Brett Wilson, Brett's job title is "Head of Crime" and Wilson normalises calls for violence
Slop or Fake Articles Have Turned Linux Journal From a Pioneering/Trailblazing "Linux" Magazine Into a Nuisance: some sites with former reputation - good reputation - turn into cesspools
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Thursday, September 18, 2025: IRC logs for Thursday, September 18, 2025