TippingPoint | DVLabs | Day One: CanSecWest PWN to OWN Results

► 2009
- ► October (1)
  - (loading)
- ► September (3)
  - (loading)
- ► July (1)
  - (loading)
- ► June (5)
  - (loading)
- ► May (1)
  - (loading)
- ► April (2)
  - (loading)
- ► March (9)
  - (loading)
- ► February (7)
  - (loading)
- ► January (5)
  - (loading)
► 2008
- ► December (2)
  - (loading)
- ► November (4)
  - (loading)
- ► October (7)
  - (loading)
- ► September (9)
  - (loading)
- ► August (16)
  - (loading)
- ► July (9)
  - (loading)
- ► June (11)
  - (loading)
- ► May (1)
  - (loading)
- ► April (4)
  - (loading)
- ► March (6)
  - (loading)
- ► February (4)
  - (loading)
► 2007
- ► December (1)
  - (loading)
- ► November (5)
  - (loading)
- ► October (4)
  - (loading)
- ► September (1)
  - (loading)
- ► August (2)
  - (loading)
- ► July (9)
  - (loading)
- ► June (4)
  - (loading)
- ► May (8)
  - (loading)

Day One: CanSecWest PWN to OWN Results

By Zero Day Initiative
Wed 26 Mar 2008 21:30pm
14843 Views
2 Comments
Link

Today's first day of CansecWest's PWN to OWN contest is now officially over, and we can report that all three laptops are still standing without having been compromised. At 2:45pm local time today, to much fanfare, Aaron made the official announcement of the contest's opening to the CanSecWest crowd.

As a reminder, the rules today allowed only for a contestant to use a remote pre-auth 0day to win a laptop and cash prize. On day two of the contest, which begins at 12:30pm local time tomorrow, the attack surface will be expanded to all default-installed client side applications on the laptops as well. This means any exploit that involves following a link through email, vendor supplied IM client, or visiting a malicious website. The contest will also continue to honor any remote pre-auth exploits as well. Click here for a refresher on the full rules and cash prizes.

Rumor has it that the laptops' fates wont be as kind on day two of the contest. Check back here tomorrow and stay tuned...

Update - check our main blog index for updates on days two and three of the contest.

Tags: zdi,cansecwest,pwn2own

Published On: 2008-03-26 21:30:08

Comments post a comment

Dave Lindhout commented on 2008-03-27 @ 08:43

Thank you for providing this coverage. It's probably less exciting to watch than a chess match, but I find the whole thought process interesting. Keep up the GREAT work.
Anonymous commented on 2008-03-27 @ 16:09

Waiting expectantly for news of Day 2

Links To This Post

Hacker Super Bowl pits Mac OS vs. Linux, Vista | InfoWorld | News | 2008-03-27 | By Robert McMillan, IDG News Service
linked on 2008-03-27 @ 12:54 Show Comment

By late Wednesday -- the first day of the contest, nobody had even tried to hack the three laptops. This wasn't exactly a surprise to the contest's organizers because on day one attackers were only allowed to use network-based attacks that involved no user interaction. Those type of attacks are extremely rare these days.

Trackback

Day One: CanSecWest PWN to OWN Results

Comments post a comment

Links To This Post

Published Advisories

Upcoming Advisories

Blog Entries