Friday, March 26, 2010
"The only researcher to `three-peat` at the Pwn2Own hacking contest said today that security is such a `broken record` that he won't hand over 20 vulnerabilities he's found in Apple's, Adobe's and Microsoft's software.
"Instead Charlie Miller will show the vendors how to find the bugs themselves.
"Miller, who yesterday exploited Safari on a MacBook Pro notebook running Snow Leopard to win $10,000 in the hacking challenge, said he's tired of the lack of progress in security. `We find a bug, they patch it,` said Miller. `We find another bug, they patch it. That doesn't improve the security of the product. True, [the software] gets incrementally better, but they actually need to make big improvements. But I can't make them do that.`"