Many people who know or care about computer security probably won’t be surprised to hear claims that Linux or BSD is generally more secure than Windows. That conventional wisdom seems to have been confirmed yet again by the results of a hacking challenge last March 28, Friday, at the CanSecWest 2008 conference. This was reported in the InfoWorld article, “With Vista breached, Linux remains unbeaten in hacking contest“:
Earlier this week, contest sponsors had put three laptops up for grabs to anyone who could hack into one of the systems and run their own software. A $20,000 cash prize sweetened the deal, but the payout was halved each day as contest rules were relaxed and it became easier to penetrate the computers.
On day two, Independent Security Evaluators’ Charlie Miller took the Mac after hitting it with a still-undisclosed exploit that targeted the Safari Web browser. After about two minutes work, Thursday, Miller took home $10,000, courtesy of 3Com’s TippingPoint division, in addition to his new laptop.
It took two days of work, but Shane Macaulay, finally cracked the Vista box on Friday, with a little help from his friends.
Macaulay, who was a co-winner of last year’s hacking contest, needed a few hacking tricks courtesy of VMware researcher Alexander Sotirov to make his bug work. That’s because Macaulay hadn’t been expecting to attack the Service Pack 1 version of Vista, which comes with additional security measures. He also got a little help from co-worker Derek Callaway.
Posted by Maddog 
