Security contests prove to be useful.
Just as some might have thought that Google’s Chrome sandboxing feature is bullet proof, Sergey Glazunov, a security researcher who have found quite a few vulnerabilities in the fast, has enriched his life with a $60k reward, received for a “Full Chrome” exploit, which bypassed the sandbox feature. Although Google Chrome was previously known to withstand various attacks in Pwn2Own and similar contests, this time it was the first to fail.
Justin Schuh, Chrome’s security team member said, “It was an impressive exploit. It required a deep understanding of how Chrome works. This is not a trivial thing to do. It’s a very difficult and that’s why we’re paying $60,000.”
Pwn2Own, a computer hacking contest, which will begin on March 7th in Vancouver, British Columbia, has slightly modified its concept, according to sources.
First of all, smartphone hacks have been dropped completely in favor of the web browser exploits against Internet Explorer, Firefox, Google Chrome and Safari running on both Windows and Mac operating systems.
After our previous give away, we still have few freebies left before our inventory is empty, so in case you feel lucky today, simply retweet this post and enter the contest!
12-14 lucky winners will receive one of the following:
T-Shirt (Black or Red)
Opera Software Pen
Opera Sticky Notes
- Internet Explorer 9 Overtakes Opera
- April, 2011: Chrome, Safari Share Up; Internet Explorer, Firefox, Opera – Down
- Mozilla Defies the Department of Homeland Security
- Creator Of jQuery Leaves Mozilla
- How To Save And Quit In Firefox 4
- How to Activate Autocomplete in Firefox 4
- Google Chrome 14, 15 And 16 Planned This Year
- Google Chrome: Dear Sophie
- Google Chrome: It Gets Better
- Opera Dragonfly 1.0 Released
- Download Opera 11.50 Alpha
- RockMelt Now With Quiet Mode, Localized Search & Chromium 11
- Give Away: How to Create Web Browser Theme
- Internet Explorer 9 (IE9) vs. Firefox 4 vs. Google Chrome 10 vs. Opera 11 vs. Safari 5
- March, 2011: Firefox, Chrome, Safari Share Up; Internet Explorer – Down
- Mozilla Names Slow Extensions
- Google Chrome to Receive Scrolling Tabs
- Google Chrome to Improve Security
- Google Chrome Cookies
- The Story of Opera Employee
- Download Opera 11.10 RC
- CycleBlob: WebGL Lightcycle Game
- How Would You Change FavBrowser?
- FavBrowser.com v3 Launched
Pwn2Own, the yearly hacking contest held as part of the CanSecWest security conference, saw the successful hijacking of fully patched versions of Safari and Internet Explorer 8 this year. Ars Technica described Pwn2Own as the following:
If a researcher can pwn the browser—that is, make it run arbitrary code—then they get to own the hardware the browser runs on. This year, not only did they have to run arbitrary code, they also had to escape any sandboxes—restricted environments with reduced access to data and the operating system—that are imposed.
After introducing the hardware acceleration feature for IE9, Microsoft wasn’t really shy to demonstrate its advantages over other web browsers.
Recently, company has launched a Framerate Fest web site, inviting web developers to create their own HTML5 demo (300×300).
There have been only few entries so far (see official site) and submissions are open until the 25th of March.
One lucky winner will receive a brand new Xbox 360 with Kinect and some merchandise.
Technical Guidelines (.pdf)
The 5th Pwn2Own contest is here and there are some special treats for all you exploiters.
In addition to already offered prizes by Zero Day Initiative (ZDI) (a total is $105,000), Google Inc. will also be giving away a CR-48 laptop running Google Chrome OS and $20,000 to one lucky hacker who will exploit a security hole in Google Chrome web browser.
Contestants are welcomed to hack the following browsers:
Microsoft Internet Explorer
All of them will be running on a 64-bit, Windows 7 or OS X machines.
As for Opera inclusion, it’s still the same “low market share” argument.