Showing posts with label google chrome. Show all posts

Google's $20,000 Bounty on Chrome Hack


The 5th annual hacking Contest Pwn2Own is due to kick start in Vancouver
(Canada) on March 9th , it will be a 3days affair ( 9th,10th,11th) and google is looking foward to make it more intresting by offering  $20,000  to anyone who can succesfully hack Google chrome.
This move from Google is $5,000 higher than its counterpart.

Security researchers will be looking into exploits against windows 7 or MAC OS latest version and targets will be  Microsoft Internet explorer,Mozilla's Firefox ,Apple's Safari and Google's chrome.
Though there will be 2 technologies as usual which will be under security exploit by security researchers i.e web browsers and mobile devices.
Mobile devices which will be looked upon are Dell Venue Pro, Apple's iphone4, Blackberry Torch 9800 and Nexus S.
The first sucessful Security researchers for hacking IE, Firefox and Safari will receive $15,000 and the laptop running the browser.
Portnoy from TippingPoint Digital said:
"We've upped the ante this time around and the total cash pool allotted for prizes has risen to a whopping $125,000," said Aaron Portnoy, the manager of HP TippingPoint's security research team.
Google is only one of four vendors to put money in the prize kitty. "Kudos to the Google security team for taking the initiative to approach us on this,".
However, the rules are slightly different for Chrome. On day 1, Google will offer $20,000 and the laptop if a contestant can pop the browser and escape the sandbox using vulnerabilities purely present in Google-written code. If competitors are unsuccessful, on day 2 and 3  ZDI(Zero Day Initiative) will offer $10,000 USD for a sandbox escape in non-Google code and Google will offer $10,000 USD for the Chrome bug.


Charlie Miller, the only researcher to have won Pwn2Own prizes three years in a row, wouldn't commit last week to trying again, but on Wednesday he noticed the $20,000 for Chrome.

"Pwn2own now offering 20k for attack on Chrome," said Miller on Twitter. "Must be hard, glad Mac OS X doesn't sandbox their browser."
Miller is a Mac hacking authority - he co-authored The Mac Hacker's Handbook with Dino Dai Zovi, a 2007 Pwn2Own winner -- and has exploited Safari each of the last three years.

Comments

Category: , , , , , , , , , , , , ,