Polish crackers beat hack challenge

Four talented Polish hackers have won themselves £35,000 in prize money for beating the Argus PitBull hacking challenge and revealing a potentially devastating vulnerability in the Solaris operating system on Intel.

The hacking crew, known as the Last Stage of Delirium (LSD), has been working on the competition box since it went live on Friday and managed to break in today, one day before the opening of the InfoSec security show at Olympia, London. The competition had been launched in conjunction with the trade show.

But rather than finding a flaw in Argus' PitBull security software, the group apparently discovered an exploit in the Solaris OS itself running on the x86 Intel platform, which may also apply to other Intel architectures.

Argus president and chief executive, Randy Sandone, was adamant that there are still no known flaws in PitBull itself. He said that LSD's success during this event has helped prove the point that, without operating system level security, systems will remain vulnerable to any number and type of hacking attack.

"Traditional security products and services could not have prevented this attack, and reliance on other security solutions would have left the systems vulnerable to many more and far less complicated types of attacks," he said.

In this case, the hackers have exposed a potentially devastating vulnerability that may exist in millions of computer systems around the world.

Although Argus will now have to shell out for the success of LSD, he added: "The alternative, we believe, is unacceptable: that is that live, real-world systems get hacked by unethical hackers, customers suffer huge losses, and, out of fear of bad press, the whole thing gets covered up and no-one learns from it".