Skip to main content
  1. Home
  2. Computing
  3. News

Hackers take over Touch Bar at this year’s Pwn2Own contest

Jon Martindale
By

A pair of hackers at this year’s Pwn2Own hacking contest have managed to infiltrate a MacBook Pro’s Touch Bar with a message of their own, after finding an exploit for the Safari browser. Although only considered a partial success, the hack did let them gain access to the Touch Bar, earning them $28,000 for their trouble.

The Pwn2Own security conference and competition sees many impressive exploits discovered every year and 2017 is no different. We’ve seen a number of successes (via MacRumors) that have cracked open the Linux Kernel, Adobe Reader, and Microsoft’s Edge browser. A few hacks managed to breach Apple security, too, which is what let one team post their message to the Touch Bar.

Welcome to Pwn2Own 2017

Samuel Groß and Niklas Baumstark used a number of logic bugs to exploit the Safari browser and eventually take root control of the MacOS on a MacBook Pro. While that itself granted them their monetary prize and nine points in the Pwn2Own competition, they impressed onlookers even more by adding a custom message to the Touch Bar which read: “pwned by niklasb and saelo.”

Recommended Videos

Baumstark later explained on Twitter why the hack was only considered a partial success, despite its efficacy.

@LiveOverflow @_tsuro @5aelo we had sep. exploits for 10.0.3 and 10.1. the 10.0.3 one is fixed upstream, so it counts as a duplicate

— Niklas Baumstark (@_niklasb) March 15, 2017

The contest, which is offering over a million dollars in prizes this year, has seen another group utilize an exploit in Safari to earn some points and funds for themselves. The Chaitin Security Research Lab successfully breached Safari to gain root access on MacOS. Because its goal was seen as a full, rather than a partial success, it earned $35,000 and 11 points for its trouble — though there were no props given for Touch Bar takeover in this case.

Although other teams also attempted to breach Safari with an escalation to root on MacOS, they couldn’t manage it within their allotted time.

As impressive as the first day of Pwn2Own 2017 has been though, there is still much more to come. The schedule for day two is now live and shows a lot of people and teams getting ready to try to crack open many pieces of commercial software, including the MacOS. We’ll no doubt learn more about their efforts when the results are posted later today.

Thanks to Trend Micro for sending through the header video.

Topics
Jon Martindale
Jon Martindale
Computing Coordinator
Jon Martindale is the Evergreen Coordinator for Computing, overseeing a team of writers addressing all the latest how to…
Why Llama 3 is changing everything in the world of AI
Meta AI on mobile and desktop web interface.

In the world of AI, you've no doubt heard about what OpenAI and Google have been up to. And now, Meta's Llama LLM (large language model) is becoming an increasingly important player in the game, especially with its open-source nature. Meta recently made a big splash with the launch of its Llama 3 AI model, and it's shaken up the field dramatically.

The reasons why are multiple and varied. It's free to use, it has a wide user base, and yes, it's open source, to name but a few. Here's why Llama 3 is taking the AI industry by storm and may shape its future for some time to come.
Llama 3 is really good
We can debate until the cows come home about how useful AIs like ChatGPT and Llama 3 are in the real world -- they're not bad at teaching you board game rules -- but the few benchmarks we have for how capable these AI are give Llama 3 a distinct advantage.

Read more
How to delete messages on your Mac
A MacBook and iPhone in shadow on a surface.

Apple likes to make things easy for its iPhone, iPad, and macOS devotees. When signed in with the same Apple ID on more than one of these devices, you’ll be able to sync your messages from one Apple product to the next. This means when you get a text on your iPhone, you’ll be able to pull it up through the Messages app on your Mac desktop.

Read more
The best laptop brands for 2024
best laptop brands hp spectre x360 13 2021 1

If you like to write, browse, game, or work in different parts of your home or office, one of the best laptops is a necessity in 2024. There are many to choose from, but you can first narrow your options by looking at laptops from the most established and respected brands.

Here's a list of the best laptop brands in 2024 to get you started.
Dell

Read more