At this year’s PWN2OWN contest, hackers were given the
chance to test their abilities on the security systems of Mac OS X, Windows
Vista and Linux. It appears that it sometimes pays to be “bad”, as winners were
awarded substantial cash prizes and the laptop they had hacked. They also had
to sign a nondisclosure agreement immediately after the contest, so that the
system’s vulnerability could not be made public.
During the first day of competition, all three laptops (a VAIO
VGN-TZ37CN running Ubuntu 7.10, a Fujitsu U810 running Vista Ultimate SP1, and a
MacBook Air running OS X 10.5.2) hung on successfully, as contestants were only
allowed an over-the-network approach. On the second day, however, the rules were
modified a bit, and attacks could also be delivered through specially designed
websites or e-mails. Hackers were allowed to target "default installed
client-side applications" as well, such as browsers. This enabled iPhone
hacker Charlie Miller to hijack the MacBook Air in only 2 minutes (he managed
to retrieve the designated file after judges were tricked into visiting a
“trap-website”) and Shane Macaulay (supported by friends Derek Callaway and
Alexander Sotirov) to gain control of the Windows Vista laptop (he made use of
an undiscovered flaw in the latest version of Adobe’s Flash software).
In the end, the Sony Vaio laptop running Ubuntu was the only
one left standing. Following the results of the contest, the two “defeated”
companies are already working on ways to fix the newly discovered system
vulnerabilities.