The 5th Pwn2Own contest is here and there are some special treats for all you exploiters.
In addition to already offered prizes by Zero Day Initiative (ZDI) (a total is $105,000), Google Inc. will also be giving away a CR-48 laptop running Google Chrome OS and $20,000 to one lucky hacker who will exploit a security hole in Google Chrome web browser.
Contestants are welcomed to hack the following browsers:
Microsoft Internet Explorer
All of them will be running on a 64-bit, Windows 7 or OS X machines.
As for Opera inclusion, it’s still the same “low market share” argument.
Back in January, Google has announced its plans to remove H.264 codec from the Chrome web browser.
Well, Microsoft has decided to spice some things up and announced the availability of “Windows Media Player HTML5 Extension for Chrome” (Windows 7 only).
In addition, Dean Hachamovitch the Corporate Vice President of Internet Explorer has posted a a lengthy, explaining the current industry situation and expressing his concerns about WebM (just like Google did with H.264).
To sum it up: Microsoft is fully behind H.264 and sees no reason to drop it.
• Microsoft to Reveal Internet Explorer Mobile Plans
During the CES, one of the audience members has asked Microsoft’s Dean…
Google has recently published an interesting release cycle slideshow for Google Chrome web browser that reveals some interesting points.
Here are some points that can be drawn from the presentation:
Google Chrome is treated as an online service rather than actual software, explaining the reason for such release cycles.
Instead of wasting time on feature branches (that can take weeks of debugging), Google Chrome team works on a centralized trunk, allowing to release more frequent updates.
The current release pattern is based on a six week release cycle.
Features are designed in a way to be disabled with a single patch (if required).
For the full list, see the slideshow above. Doesn’t work? Try direct link.
It looks like Google’s WebM VP8 hardware decoder IP is now available for the chip makers. According to the recent announcement, they can now start working on a WebM playback support for their chipsets.
Same report also states that Oulu team is set to release a VP8 video encoder in the first quarter of 2011 as it’s currently ran in an FPGA (Field-programmable gate array) environment.
It looks like the search giant will soon remove a H.264 video codec from the upcoming Google Chrome web browser release.
“Though H.264 plays an important role in video, as our goal is to enable open innovation, support for the codec will be removed and our resources directed towards completely open codec technologies,” said Mike Jazayeri, the product manager at Google Inc.
According to the blog post, changes will occur in the next couple months and this is just a notification encouraging content publishers and developers to make necessary changes.
About a week ago, Google has started a unique charity project that converts opened Google Chrome user tabs into various goods:
10 tabs = 1 tree planted
10 tabs = 1 book published and donated
25 tabs = 1 vaccination treatment provided
100 tabs = 1 square foot of shelter built
200 tabs = 1 person’s clean water for a year
First person shooters are next.
As of today, it will install games without your permission. However, manual removal is possible.
With the recent release of NSS Labs Security Research Report, Google has responded with the following statement:
These sponsored tests are limited in their sole focus on socially engineered malware, while excluding vulnerabilities in plug-ins or browsers themselves. Additionally, the testing methodology isn’t available in a way that can be independently verified. Google Chrome was built with security in mind from the beginning and emphasizes protection of users from drive-by downloads and plug-in vulnerabilities — for example, we recently introduced a new security sandbox for Flash Player.
As a reminder: Google Chrome 6 blocked 3.4% of all socially engineered malware, while IE9 – 99%.