The dramatic scene takes place in Canada - Vancouver, BC to be specific. Geeks from around the world gather for the PWN to OWN 2008 hack contest where if you can hack into a fully-patched laptop, you get to walk away with it. And you can win cash too. The stage is set with a Fujitsu U810 running Windows Vista Ultimate with SP1, a Sony VAIO VGN-TZ37CN running Ubuntu 7.10, and an Apple MacBook Air running OSX 10.5.2. Who will be the first to fall?

Day one - No winners. Heck, no takers. The rules for day one limit to remotely exploitable pre-auth vulnerabilities, or in other words hacks that require no user interaction and thus would typically just involve cracking into the kernel or drivers.

Day two - On day two the rules expand to include any default installed client-side applications. Hackers are allowed to require some user interaction such as following a link through email, vendor supplied IM client, or visiting a malicious website. And it’s here that we have our first winner!

So which operating system fell first? Who had the worst security of them all?

And the winner loser is … Apple Mac OS X 10.5.1 (Leopard) running on an Apple MacBook Air! Whoo-hoo! As if there wasn’t already enough reason to laugh at MacBook Airs, we now have them as being the first laptop to be hacked in the Pwn2Own 2008 contest! Congratulations Apple!

A team of Charlie Miller, Jake Honoroff, and Mark Daniel from Independent Security Evaluators were able to break into the Apple MacBook Air by exploiting a flaw in Apple’s Safari web browser. Hmm, the same web browser that this blog reported Apple is now pushing onto Windows users? Indeed.

So why did Charlie Miller chose Apple’s Mac OS X 10.5.2 (Leopard) out of the three fully-patched operating systems to hack? Charlie is quoted as saying, “I thought of the three it was the easiest.” There you go. It doesn’t get clearer than that.

Let this be a lesson to you Macintosh owners out there. You think your Macs are safe because all of the viruses and hacking are on Windows boxes. But you’re not safe. You’re not safe at all. The only reason that there aren’t more cases of Mac hacks is simply because there aren’t more Macs out there than Windows boxes. You’re “safe” because you’re a niche. But even security professionals now agree that you’re the easiest target. You’re just such a small niche target that you’re not typically worth the effort. That, however, does not make you safe.

So congratulations Charlie Miller for showing the world that Apple is just as (if not more) insecure than everyone else!