All the latest UK technology news, reviews and analysis
|
|
|
08 Mar 2006
The University of Wisconsin has ended its OS X hacking contest with no successful hacking attempts.
The challenge was cut short after the University's Chief Information Officer found out about it and deemed that it was unauthorized. The competition's website has since been removed.
Dave Schroeder, the competition's organiser and a systems administrator at the university, launched the challenge in response to a similar competition last month in which a blogger created user accounts for contestants on a Mac Mini and challenged them to hack into the system by defacing a website.
The Mac Mini contest made headlines earlier this week, and the winner boasted that it had taken him under 30 minutes to penetrate OS X's security.
But Schroeder pointed out that his accomplishment "failed to mention a very critical point: anyone who wished it was given a local account on the machine".
He claimed that his hacking contest would create a more accurate image of OS X's security. The contest ran for 38 hours and resulted in no successful hacks, Schroeder said on the contest's website.
The site suffered from heavy traffic that peaked at 30Mbps, logging lots of traffic from scripts that sought to exploit known software vulnerabilities.
A number of dictionary attacks were also launched where special tools try out possible passwords such as birth dates, names and common words based on pre-defined dictionaries.
The site also was brought down twice by a denial of service attack that overloaded the server.
The test system was a Mac Mini running the latest version of OS X as well as all the latest security updates. It had been configured with two local user accounts and had SSH and HTTP open. The latter were not typical settings for an average user, according to Schroeder.
Contestants who claimed to have succeeded in hacking the system had to provide details about how they breached the security walls, which would have been provided to Apple. The winner was promised a claim to fame, but no material price.
Latest stories from Security
Related videos
Related articles
Related jobs
Poll
Are you confident that the UK's IT infrastructure is secure from attack in the wake of the Flame malware revelations?
Orange and Intel talk us through the ins and outs of their San Diego smartphone
Connect with V3.co.uk
Social networking is almost ubiquitous. This white paper examines the benefits and risks and it looks at the different ways companies can reconcile them
The importance of understanding your infrastructure
Premier Consulting Firm - Procurement/P2P Transformation...
Premier consulting firm - IT Strategy and Cloud Consulting...
Software developer/ C# developer, (ASP.NET, C#, MVC...
Oracle Developer/ Programmer- Oracle ebusiness suite...
Keep up to date with the latest products, services and technologies from the world's leading IT companies. IThound.com brings you over 2,000 white papers, case studies and analyst reports.
Do you agree?
dos attacks
According to other sites, the mini withstood the two denial of service attacks and didn't crash due to them. Please double check and update.
Posted by: jf 09 Mar 2006
Log files
The owner of the original 30-minute-hacked-Mac has not produced any system logs or root shell logs from the date and time of the supposed attack. Most likely that breach never occurred. However, the revenue generated by ad traffic must have been pretty good!
Posted by: Juan Carlos de Burbon 08 Mar 2006