PWN to OWN challenge is over and the winner were awareded with a good deal of money and the laptop they cracked.

At 12:38pm local time, the team of Charlie Miller, Jake Honoroff, and Mark Daniel from Independent Security Evaluators have successfully compromised the Apple MacBook Air, winning the laptop and $10,000 from TippingPoint’s Zero Day Initiative. According to sources at the conference, Miller used an exploit against the Safari browser that ships standard with Mac OS X.

A security researcher on Friday exploited a critical bug in Adobe’s Flash Player to hack a notebook running Windows Vista Ultimate, the second machine to fall in this year’s “PWN To OWN” challenge.

The only unclaimed laptop by the contest’s end was a Sony Vaio running Ubuntu Linux.

What does this tell us? I think it’s not as easy as it looks…

I’m pretty sure that the Vista being cracked and not the Ubuntu had something to do with luck, it also could have been the way round. Cracking MacBook Air due a bug in Safari Browser we can assume that the usage of a browser that has a uncommon update system, like Safari has, is not recommented. When Safari 3.1 is not detected in a user’s machine, the updating software, by default, automatically selects the browser for installation.

The bug in Flash Player, which was accountable fot Vista’s downfall, had also been appearing in the Linux version. It kinda dependented on chance.

An interesting, but also alarming evolution is that operating system are becoming more and more secure which will lead attention of malware coders to individual software being installed on the target’s machine. It’s alarming because it reduces the advantage Linux or Mac users had have because in further time most viruses, exploits used bugs in Windows. Not just because Windows has sufficiant bugs also because of the wide speaded usage of Microsoft’s OS.

Hopefully in future dangerous exploits won’t be a thread for all operating systems because a product is affected that is being used on every operating system.