
Monday, 31 March 2008

The enemy gets PWND

Sorry for the poor headline... actually I was reluctant to post about this story because of some sense of dignity preventing me from dancing on the ashes of the enemy... but in the end the joy was too much to contain. Wondering what the hell I'm babbling about? About the outcome of the Pwn2Own contest! What else?

A few notes for those who are not familiar with the contest: it is pretty straightforward, actually.
There are 3 shiny laptops with default software and the latest patches available: one with Mac OS (a MacBook Air, no less), one with Windows Vista and one with Ubuntu Linux.
The contenders have four days to try their best to hack the laptops, take control of them, and access the file containing the instructions to claim the prize... obviously the hackers have no physical access to the machines, except for some very basic instructions they can give to a dummy user, such as "visit this site" or "open this mail".
The first one who manages to find a vulnerability and put it to good use wins the glory, the laptop, $10k and an NDA to sign.


Everything is done in the name of better security (the vulnerabilities discovered are patched before they can be used by crackers in the real world), and it goes without saying that this is at the same time a contest for the hackers (who gets in first) and for the operating systems (who stands longest), and here we get to the reason for my joy. This is the outcome of the 2008 edition:

OS X, pwnd on day 2 through a bug in the Safari web browser
Windows Vista, pwnd on day 4 thanks to a vulnerability in Adobe Flash Player
Ubuntu Linux still standing, nobody managed to hack it

This is not only proof of how secure Linux is, it really overthrows some common opinions about operating system security in general. I used to be the first to think Macs were more secure than Windows PCs.
Even more, some utter moron still goes around saying that just because a piece of software is free (as in speech AND as in beer) it cannot be safer than a closed one... WRONG! Actually, in this contest the most closed of all was the first to fail, Windows itself was violated due to a hole in third-party software rather than a Microsoft component, while the little underdeveloped African child (that would be Ubuntu) stayed standing.

Bottom line, you can have a very secure computer for free... or you can always have a quite secure one and pay for the privilege ;)
