I came across an interesting item on OSNews today — a link to a Computerworld story in which Terri Forslof, manager of security response at TippingPoint, explains why Ubuntu Linux was the only OS left standing at the pwn2own contest her firm sponsored at CanSecWest.
“There was just no interest in Ubuntu,” said Terri Forslof, manager of security response at 3Com Corp.’s TippingPoint subsidiary, which put up the cash prizes awarded at the contest last week at CanSecWest…. “It was actually a lack of interest” on the part of the PWN to OWN contestants, Forslof said. “[Shane Macaulay’s] exploit would have worked on Linux. He could have knocked it over. But [the contestants] get a lot more mileage out of attacks on the Mac or Windows,” she continued.
The story doesn’t mention how many people attempted to hack the Ubuntu machine at PWN 2 OWN. Does anyone out there have this information? If indeed Ubuntu was “ignored” during the contest, I imagine that someone in attendance must have noticed.
While short on details about how many attacks Ubuntu faced compared to Vista and OS X, the story was particularly long on complimentary quotes about how the mighty prowess of Windows Vista SP1 made the OS tougher to crack than PWN 2 OWNers had perhaps expected. Hooray for Vista.
Back at OSNews, I found the contribution of one commenter particularly interesting:
“Prior to joining TippingPoint, Terri was a Security Program Manager for the Microsoft Security Response Center, focused on driving the resolution of security vulnerabilities within Microsoft products.”
Were you at CanSecWest? Just how ignored was Ubuntu?
UPDATE: My colleague Ryan Naraine tells me that only four contestants had signed up for the PWN2OWN challenge, so:
- It’s entirely possible that Ubuntu was indeed completely ignored;
- It’s pretty sad that with so few participants, both Mac and Vista went down, anyway;
- I must remind myself to pay less, or at least more guarded, attention to PWN2OWN next year.