Interesting interview with Charlie Miller, the researcher who broke into a fully patched MacBook machine using a Safari code execution vulnerability, posted by Ryan Naraine at ZDNet. Some tidbits from the interview:

Why Safari? Why didn’t you go after IE or Safari?
It’s really simple. Safari on the Mac is easier to exploit. The things that Windows do to make it harder (for an exploit to work), Macs don’t do. Hacking into Macs is so much easier. You don’t have to jump through hoops and deal with all the anti-exploit mitigations you’d find in Windows.
It’s more about the operating system than the (target) program. Firefox on Mac is pretty easy too. The underlying OS doesn’t have anti-exploit stuff built into it.
… For all the browsers on operating systems, the hardest target is Firefox on Windows. With Firefox on Mac OS X, you can do whatever you want. There’s nothing in the Mac operating system that will stop you.
Google Chrome was the one target left standing. Surprised?
There are bugs in Chrome but they’re very hard to exploit. I have a Chrome vulnerability right now but I don’t know how to exploit it. It’s really hard. They’ve got that sandbox model that’s hard to get out of. With Chrome, it’s a combination of things — you can’t execute on the heap, the OS protections in Windows and the Sandbox.

Content courtesy of Questions for Pwn2Own hacker Charlie Miller | Zero Day | ZDNet.com