TippingPoint Digital Vaccine Laboratories
DID YOU KNOW... At the 2007 Black Hat Briefings in Las Vegas, TippingPoint DVLabs had five speakers presenting on a variety of topics.

Pwn2Own 2010

Last update: 2010-03-26
Updated with: Apple, Microsoft and Mozilla have received the Pwn2Own vulnerability reports. http://www.zerodayinitiative.com/advisories/upcoming/ ZDI-CAN-760, ZDI-CAN-761, ZDI-CAN-762, ZDI-CAN-763.
For real-time updates: Twitter: @TheZDI Hash tag: #pwn2own

The TippingPoint Zero Day Initiative (ZDI) is proud to announce that the annual Pwn2Own contest is back again this year at the CanSecWest security conference held in Vancouver, BC on March 24th 2010. As the contest name implies, if you successfully exploit a target you get to keep it along with a ZDI cash prize and related benefits. This is our 4th year running and to commemorate we have increased the total cash prize amount to $100,000 USD. If you're unfamiliar with the past history of this competition check out the archived 2008 and 2009 blog entries.

This year the competition will have two main technology targets. In keeping with tradition the first portion of the event will attempt to bring to light the current security posture of market-leading web browser and operating system pairings. The multifaceted web browser continues to occupy a critical presence on the client-side attack surface. As Adobe, Google, and an estimated 30 other companies affected in the Aurora incident can attest to, the security posture of these products merits a yearly public evaluation by the research community at large.

The second portion of Pwn2Own 2010 offers bounties for vulnerabilities affecting mobile phones. The increased presence and capabilities of smart phones has brought with it the same security issues and attention traditionally reserved for non hand-held platforms. Vulnerabilities in parsing media, dynamic web content, e-mail, and other client-side issues have been published in the past. Additionally, many of the communication protocols that mobile phones implement are the focus of a burgeoning field of security research (ex: Lackey/Miras, Langlois, Bailey). The data stored and communicated across these devices is increasing in value to attackers.

Registration

Pwn2Own will be held over the course of three days starting on March 24th with the browser and the mobile contests running concurrently. To register for the competition, send us an e-mail at ZDI@tippingpoint.com. Competitors will be assigned a random half hour time slot.

Following the Contest

This blog entry will be updated frequently and serve as the main point of information dissemination. Additionally, you can get real-time updates and provide real-time feedback via our ZDI Twitter account @theZDI and hashtag #pwn2own.

Please direct all press inquiries to: Jennifer Lake <jlake@tippingpoint.com>

Target: Web Browsers

$40,000 of the total $100,000 cash prize pool is allotted to the web browser portion of the contest, each target is worth $10,000. The browser targets this year will include the latest versions of Microsoft Internet Explorer, Mozilla Firefox, Google Chrome and Apple Safari.

To highlight the efficacy of operating system level protections we have structured the ZDI bonus point amounts to reflect the difficulty of exploitation. Once a target has been successfully compromised it will be removed from the competition. Thus, a successful day one attack on a specific browser must overcome the latest and greatest flagship operating system with all exploit mitigations activated in their default state.

Day 1

The target pairings for day one are:
  • Microsoft Internet Explorer 8 on Windows 7
  • Mozilla Firefox 3 on Windows 7
  • Google Chrome 4 on Windows 7
  • Apple Safari 4 on MacOS X Snow Leopard
In addition to the underlying laptop and $10,000 USD cash prize, successful competitors on day one receive 20,000 ZDI bonus points which immediately qualifies them for Silver standing. Benefits of ZDI Silver standing include a one-time $5,000 USD cash payment, 15% monetary bonus on all ZDI submissions in 2011, 25% reward point bonus on all ZDI submissions in 2011 and paid travel and registration to attend the DEFCON Conference in Las Vegas.

Day 2

The target pairings for day two are:
  • Microsoft Internet Explorer 7 on Windows Vista
  • Mozilla Firefox 3 on Windows Vista
  • Google Chrome 4 on Windows Vista
  • Apple Safari 4 on MacOS X Snow Leopard
In addition to the underlying laptop and $10,000 USD cash prize, successful competitors on day two receive 15,000 ZDI bonus points which immediately qualifies them for Bronze standing. Benefits of ZDI Bronze standing include a one-time $1,000 USD cash payment and a 10% monetary bonus on all ZDI submissions in 2011.

Day 3

The target pairings for day three are:
  • Microsoft Internet Explorer 7 on Windows XP
  • Mozilla Firefox 3 on Windows XP
  • Google Chrome 4 on Windows XP
  • Apple Safari 4 on MacOS X Snow Leopard
In addition to the underlying laptop and $10,000 USD cash prize, successful competitors on day three receive 9,999 ZDI bonus points which puts them just one ZDI submission away from Bronze standing for the year ;-)

Hardware Prizes

The available laptops prizes are:
  • Apple Macbook Pro 15"
  • HP Envy Beats 15"
  • Sony Vaio 13"
  • Alienware M11x

Target: Mobile Phones

$60,000 of the total $100,000 cash prize pool is allotted to the mobile phone portion of the contest, each target is worth $15,000. A successful hack on these targets must result in code execution with little to no user-interaction. Expect updates on the rules as the contest approaches. The current target list is as follows:
  • Apple iPhone 3GS
  • RIM Blackberry Bold 9700
  • Nokia E72 device running Symbian
  • HTC Nexus One running Android
In addition to the mobile device and $15,000 USD cash prize, successful competitors will receive 20,000 ZDI bonus points which immediately qualifies them for Silver standing. Benefits of ZDI Silver standing include a one-time $5,000 USD cash payment, 15% monetary bonus on all ZDI submissions in 2011, 25% reward point bonus on all ZDI submissions in 2011 and paid travel and registration to attend the DEFCON Conference in Las Vegas.

Any non remote code execution entries accepted by the judges reduces the point giveaway to 9,999 ZDI bonus points which puts the competitor just one ZDI submission away from Bronze standing for the year ;-)

Time Slots

We recorded a random drawing today with all the registered competitor names:


Here are the results, in order:
  1. PWNED! Vincenzo Iozzo and Ralf Philipp Weinmann - iPhone
  2. PWNED! Charlie Miller - Safari
  3. Nils - Safari (prize claimed)
  4. PWNED! Peter Vreugdenhil - Internet Explorer 8
  5. MemACCT - Internet Explorer 8 (prize claimed)
  6. Anonymous - Nokia
  7. Anonymous - iPhone (prize claimed)
  8. PWNED! Nils - Firefox
There are still prizes to be claimed, registration is open.

Competition Results

Vincenzo Iozzo and Ralf Philipp Weinmann succeeded in exploiting the iPhone in the first time slot. They exploited a Safari vulnerability with a payload which retrieved the text messages from the device.

Charlie Miller (Twitter: 0xcharlie) competed successfully for the third year in a row, taking home the MacBook Pro via a Safari exploit which delivered a full command shell payload.

Peter Vreugdenhil (Twitter: WTFuzz) succeeded against Internet Explorer 8 on Windows 7 64bit taking home the HP Envy Beats. His exploit was quite impressive from a technical impressive, bypassing all the anti-exploitation features.

Nils from MWR InfoSecurity (Twitter: MWRLabs) closed out the day with the successful of Firefox on Windows 7 taking home the Sony Vaio. He utilized the quintessential calc.exe launching payload.

The remaining registered competitor is scheduled against the Nokia but is currently missing in action.

As the luck of the draw would have it Nils on Safari, MemACCT on IE 8 and Anonymous on iPhone lost their time slots as the prizes had already been claimed. Their vulnerabilities are still eligible for submission through the Zero Day Initiative.


Tags:
Published On: 2010-02-15 16:41:27

Comments post a comment

  1. Anonymous commented on 2010-02-15 @ 17:00

    Does opening an email count as a valid vector on the mobile phones?

  2. Abdullah commented on 2010-02-16 @ 11:56

    "...Prizes for PWN2OWN now at $50,000! #CanSecWest. To answer, yes, only open to conference attendees."
    ... http://twitter.com/dragosr/status/8891784937

    How come :( Do we really need to pay (CDN $1400 - CDN $2100 CanSecWest registration fee) to get in the Pwn2Own competition ?

  3. Ricky Laishram commented on 2010-02-16 @ 13:47

    Is there any reason that Ubuntu was excluded from the contest after the 2008 event?
    I would love to see how Ubuntu (or any other Linux OS) fares.

  4. BitCrazed commented on 2010-02-16 @ 18:56

    Why isn't Chrome being tested on OSX and Linux?

    And why is Linux completely missing from the matrix? That indicates a rather unfortunate bias and calls into question the validity and the entire point of these contests, no?

  5. Anonymous commented on 2010-02-17 @ 04:22

    No Windows Mobile target? I guess that's just too easy a target and you might as well give the money to the first person walking past.

  6. DooMMasteR commented on 2010-02-17 @ 04:57

    If someone would break the Milestone, that would be a Milestone, also because nearly all future motophones will incorp the Milestones security features which seem unbreakable so far.

  7. Poseidon commented on 2010-02-17 @ 05:06

    Would be great if the Motorola Android Device would be a Milestone, the Droid already runs custom ROMs, but the Milestone has a tight chain of trust preventing a change of the boot (linux kernel) and recovery partitions.

  8. MauiMauer commented on 2010-02-17 @ 06:02

    Well, the DROID is already pretty hacked, since Motorola seemed to forgot about enabling the signature checks on the firmware like they did on the european version of the DROID which is called MILESTONE.

    @Pwn2Own: So would you mind including the MILESTONE as possible target for an Motorola Android Phone? AFAIK, the MILESTONE is due to be released in the U.S. for Non-Verizon Networks pretty soon. Cracking a hole in that nasty "tivoisation" of an otherwise great phone should be a real challenge.

  9. Anonymous commented on 2010-02-17 @ 07:12

    Please consider hacking a Motorola Milestone instead of a Droid.
    It's nearly the same, but it has many Signature checks that prevent it from booting a custom kernel, which works for the Droid.
    Custom ROMs would really benefit from this

  10. Anonymous commented on 2010-02-17 @ 08:47

    E62?!?!?!

    That's positively ancient - I expected an E72, E52 or even an N97! The E62 was released in 2006 - and the rest are recent products.

    WAT?

  11. Anonymous commented on 2010-02-17 @ 11:26

    Some questions:
    * Why IE 7 on Vista and XP? IE8 installs on both of them.
    * Will standard user account be used on Win7 / Vista?
    * Will FireFox be set to use low integrity level in Win7 / Vista?
    * FireFox on Ubuntu would be nice to have, too.

  12. The_Outrider commented on 2010-02-17 @ 12:44

    What is considered a valid hack?

    Getting a command line on the target computer?

    Or defacing the browser?

    Or Installing malicious code within the browser to gimme all their cookies/passwords/etc?

    Or Yes to all of the above?

  13. Curious commented on 2010-02-17 @ 12:54

    Since you are not including any Linux or BSD variant this year, is it safe to assume you are being paid by Microsoft to exclude it?

  14. Aaron Portnoy commented on 2010-02-17 @ 14:20

    @Anonymous regarding email as a vector:
    Yes, opening an e-mail will be a valid attack vector on the mobile phones.

    @Abdullah:
    We've had people compete by proxy in the past. If you know someone in attendance, they can act for you.

    @Ricky Laishram:
    Ubuntu and other Linux variants were excluded because they do not hold enough market share as a desktop operating system. Sidenote: why isn't PaX everywhere it should be? Oh, right: http://article.gmane.org/gmane.linux.kernel/706950

    @BitCrazed:
    Chrome can be tested on OS X if a competitor requests it, I see no reason not to. On Linux, however, it is not going to be allowed for the same reason as stated above.

    @Anonymous regarding Windows Mobile:
    We decided not to include a Windows Mobile Target because we decided it isn't popular enough and is not as interesting a target as the others.

    @DooMMasteR, Poseidon, MauiMauer, Anonymous regarding the Milestone:
    We are still considering a few devices for the Android platform. Check back on this page for updates once we get ahold of the actual devices. As for the E62, that might also change to a different model.

    @Anonymous regarding browsers:
    IE7 on those platforms because express updates will not push IE8 on the user, but it will upgrade IE6-7. Regarding user accounts, we will create a user with Administrative privileges on Win7 and Vista. Firefox will be installed in a default state (it doesn't ask about integrity levels by default).

    For questions about the rules and eligibility, please e-mail the press contact as listed above.

  15. Dragos Ruiu commented on 2010-02-18 @ 03:14

    Abdullah: if you look back at the historical winners you'll see that often exploit authors find a proxy attendee to front their PWN2OWN entry. Consider the challenge of competing if you are not a registrant a "you must be this tall to ride this ride" bar, as the stipulation that only registrants can compete doesn't seem to have been a serious limitation to anyone in the past - the contestants seem to be a resourceful and enterprising lot, comes with the territory.

  16. Rafael commented on 2010-02-18 @ 08:21

    Why isn't Opera at this fucking thing again?

  17. Anonymous commented on 2010-02-18 @ 11:07

    Rafael: It could be because we don't surf wikipedia enough? :D
    http://en.wikipedia.org/wiki/Usage_share_of_web_browsers

  18. Anonymous commented on 2010-02-18 @ 13:02

    Why Firefox 3 instead of Firefox 3.6?

  19. Hif commented on 2010-02-18 @ 13:32

    It's pretty silly to not even include Opera. It's the #1 mobile browser and all that. Also, it's the most secure desktop browser.

  20. MarkG commented on 2010-02-21 @ 05:56

    Clearly Opera is being deliberately left out here, it's got the BIGGEST mobile marketshare (bigger than iPhone and Blackberry combined), and it's desktop browser has more marketshare (globally) than Safari.

    I wonder what they are so scared of? Failing?

  21. Eralper commented on 2010-02-22 @ 03:21

    I believe this contest series is a leading event for software vendors creating more secure applications. This is valid also for users of those applications, I'm waiting the results of the web browsers. The results will affect my desicion on the web browser that I'll use for the next year.

  22. Anonymous commented on 2010-03-02 @ 09:22

    @ Aaron Portnoy
    "Ubuntu and other Linux variants were excluded because they do not hold enough market share as a desktop operating system."
    On what information did you base this on? Just curious.

  23. Anonymous commented on 2010-03-04 @ 14:39

    What is Ubuntu just to tough, so rather than calling them the champion we will just exclude them.

  24. Anonymous commented on 2010-03-20 @ 23:07

    In this thread: a bunch of fucking idiots who can't understand that the selection of targets is dictated by market share.

  25. mbt shoes commented on 2010-03-22 @ 01:48

    I'm agree with you,it's very interesting,thank you for the information!

  26. Anonymous commented on 2010-03-22 @ 14:48

    It does indeed seem like the selection of targets is dictated by market share. Or rather to keep that market share intact among the targets!

  27. optyk phyba commented on 2010-03-24 @ 21:38

    i was just wondering whether the x64 versions of IE8 and firefox were allowed? or was that up to the competitor to decide? considering that win7x64 was used i would have thought that IE8x64 would be a valid target as it ships with every version of win7x64.
    personally i use the x64 versions of both IE8 and firefox and only use opera if i need to view a flash based web site which isn't often.

  28. Anonymous commented on 2010-03-25 @ 02:55

    no Opera ?

  29. Øyvind S. commented on 2010-03-25 @ 04:14

    Can you guys PLEASE get you heads out of your asses and include Opera in this, already??

    Opera runs on HUNDREDS of different devices! See this list:
    http://www.opera.com/mobile/download/devices/

    Opera is the #1 mobile browser in the world:
    http://gs.statcounter.com/#mobile_browser-ww-monthly-200910-200910-bar

    So, you better have a good explanation this year!

  30. Anonymous commented on 2010-03-25 @ 04:20

    Excluding Linux because "not enough market share" is just an arbitrary excuse. How do you define "not enough"? In this case it seems to be defined as "more market share than Linux, less market share than OS X".

  31. Øyvind commented on 2010-03-25 @ 04:25

    Opera runs on hundreds of different phones:
    http://www.opera.com/mobile/download/devices/

    Opera is the #1 mobile browser in the world:
    http://gs.statcounter.com/#mobile_browser-ww-monthly-201003-201003-bar

    So, stating that Opera has too low a market share on mobile is ridiculous.

  32. deadhead commented on 2010-03-25 @ 06:54

    They left Opera out cause they KNOW they cant hack Opera an do not want the EMBARRASSMENT of national news that couldn't hack Opera 10.50!

    Same goes for Linux.

    Hahaha. "M***S"

  33. Joffemannen commented on 2010-03-25 @ 07:56

    What are the conspiracy theorists getting at in these comments? The platforms/browsers are chosen to support those vendors? But they will be hacked? How would that maintain the market share status quo?

  34. deadhead commented on 2010-03-25 @ 09:34

    They left Opera out cause they KNOW they cant hack Opera an do not want the EMBARRASSMENT of national news that couldn't hack Opera 10.50!

    Same goes for Linux.

  35. Anonymous commented on 2010-03-25 @ 09:55

    Good work. But I have a few questions:
    1. Why was opera excluded?
    2. Why was ubuntu excluded?
    3. Why was Windows Mobile excluded?
    4. Since Chrome, Firefox and Opera have browsers that run on all major Operating systems, wouldn't testing the same browser on different OSes reflect on the security of each OS?

  36. Buster B commented on 2010-03-25 @ 10:45

    Wait a minute... how is getting a user to visit a malicious website meeting the rule of 'little to no user-interaction'?

    It strikes me the iPhone "exploit" relies heavily on social engineering and little on computer engineering. I want to see someone hack an iPhone with *no* interaction what-so-ever. It's hardly sound engineering to rely on stupidity for your design to succeed. And it sounds like zero interaction would cause epic fail to ensue.

    But I guess that wouldn't draw in the attention and the dollars, would it?

  37. Matt commented on 2010-03-25 @ 12:55

    Really? Not a single Opera exploit? I guess my phone is safe then?
    How hard would it be to include it? Would failure every year really put you guys down?

  38. Marcelo Nascimento commented on 2010-03-25 @ 12:55

    If the market share and popularity was considered, why the browsers wasn't installed on Windows XP on first day, as it hold the biggest market share? See at http://en.wikipedia.org/wiki/Usage_share_of_operating_systems

  39. Anonymous commented on 2010-03-25 @ 14:08

    As an Opera afficionado, and particularly noting the javascript performance enhancements with 10.50 and recent further updates in 10.51, it's almost painful to watch the flailing around trying to avoid talking about it, using bits like 'market share' as if they meant anything in the world of security as anything other than "how many units can we hack with this", or 'not open source' as if MSIE was either.

    even with a marketshare of 3-4% you're still talking about tens of millions of users.

    With new tech like Opera Unite, you'd think there would be even more vectors with which to play and test, but oh agony, marketshare.

    Opera's a great browser, making great strides, and bringing cool new stuff to the table. It's about damn time people started noticing that. And they release builds for a multiplicity of linux distros. Kudos to them for that.

    No, they're not open source. But it is still free.

  40. sQk commented on 2010-03-25 @ 15:47

    Hmm, I'm thinking that the marketshare data might be a bit off, due to the fact that some browsers, Opera for example, has a setting to identify it as IE or something else.
    Opera recently improved its performance, and is now up there in the top 3's performance wise.

    I think that Opera should be included in the competition. aswell as other browsers not running on their "mother OS" , Safari on windows for example.

    The results of pwn2own is definately a major factor in choosing a browser.

  41. Anonymous commented on 2010-03-25 @ 16:08

    Of course. Because the Linux market share for servers isn't bigger than the OS X market share on desktops...

  42. Anonymous Freetard commented on 2010-03-25 @ 16:35

    I call BS! Total BS!
    So Ubuntu was major enough to be in and win the little contest 2 years ago but not now? What happened?? What did I miss?? Was there a mass migration of Desktop Linux users back to Windoze? Did Ubuntu shut down and stop production? WTF?

    The installed base of Desktop Linux is **AT LEAST** as big as that of the iPhone. BS!
    http://www.focus.com/fyi/information-technology/50-places-linux-running-you-might-not-expect/

  43. Anonymous commented on 2010-03-25 @ 17:00

    "Ubuntu and other Linux variants were excluded because they do not hold enough market share as a desktop operating system."

    Bullshit.

  44. Doc Atomic commented on 2010-03-26 @ 13:23

    Regarding OS/apps selection: while I do understand Mr. Portnoy's point, I also sympathise with the views of the objectors. Accordingly, I wish to suggest a compromise: retain the existing Pwn2Own direction and 'Corporate' focus, for that does serve to draw the attention and funding; however, consider expanding the agenda by one additional contest event, to be run as a 'follow-up' event after the completion of the main ones.

    This suggested additional 'follow-up' contest event would have an entirely different focus, however: specifically, it would be an event offering a cash prize for the most secure system(s). Its contestants would each in turn submit their systems to various attacks launched by the winners of the previous events; the system that stands the longest wins the prize, but the system itself in turn must then become the property of the person(s) or organisation(s) responsible for putting up said cash prize initially. Attackers are allotted a period of one year to break into this event's contested systems; in other words, the duration of time between the main Pwn2Own events. Any successful exploits must be publically disclosed, and the information learned may then be incorporated into the next year's entrant systems.

    The overall goal would be to find the most secure platform, system, and application(s). I should think that perhaps various Governments and branches of the Military may be interested in sponsoring such an event, as well as possibly some major financial institutions.

  45. Drew O'Connor commented on 2010-03-26 @ 13:27

    "Google Chrome remains untested and the last browser standing as of Day 2."

    Does untested mean they haven't tried to hack it, or that so far all attempts to hack it have failed?

  46. Anonymous commented on 2010-03-26 @ 18:00

    Well, they took their sweet time, but the freetard brigade has finally arrived in full force.

  47. Angry as well commented on 2010-03-27 @ 10:28

    I don't care if Linux has low desktop market share or not, It's still very relevant since most servers run on Linux. Mainly because it's considered so secure. That makes Linux very interesting platform for me.

    Leaving Opera out was expected from US-centric competition, but nevertheless disappointing.

  48. Winston Smith commented on 2010-03-27 @ 10:40

    NOW THIS is the way ALL software should be tested!
    Set a company test budget for Each UNIQUE (be generous) Crack Found for a particular piece of software or "patch" on a specific target. Cracker wins a rather large prize, different ways in/around are also covered.... And the game begins what it was on my multi-High School PDP-10, Points for cracking, access to the machine room WHEN you fix it, or for friend who does same. We had the most secure KA-10/TOPS-10 system in the nation, anyone who adopted patches supplied DECUS were days behind (when software was SENT on DECTape or punched paper tape.
    BONUS PRIZE:Should be awarded for each unique crack of the "patch". It's a hell of a lot better than the way most folks usually find out. DUD PRIZE: 48 Hrs after hole is found, it becomes VERY public.
    Here comes a candle to light you to bed...
    AnotherWinston

  49. Anonymous commented on 2010-03-27 @ 15:14

    I would call the linux not there total bullshit. More i would call that it was probably paid by M$ for linux to not appear in Pwn2Own. It made a bad PR in 2008 when Windows failed while Ubuntu survived. While it may be hard to try to break into 300 distros out there but at least one Linux distro shoudl appear. I call it total corruption with M$'s money (considering even M$'s slideshow showed Linux as having more user share than Mac!!).

  50. Anonymous commented on 2010-03-28 @ 02:14

    The reason why Linux is not included can be summed up in Two words AppArmor.

  51. Hector Macias Ayala commented on 2010-03-28 @ 14:08

    Why Safari on Snow Leopard only? There is FF, Opera, Chrome and IE for Snow Leopard, and theres Safari for windows too.
    Why is Opera excluded again?
    Theres a FF 3.6, you know?

    Which other security solution is installed in the system? Norton IS, COMODO, Avast, etc.?

  52. Anonymous commented on 2010-03-29 @ 01:23

    Still no opera?
    It's a great mistake not including Opera in this test? What the hell are you thinking about?
    Definitely your test will not do anything but to support Google Chrm! But I want to say it has no guiding use for the browser choice, because it DO NOT include OPERA!
    Are you all Google Geeks? May be you should send resume to Google to get a position there, dont forget to mention this GREAT campaign in your experience!

  53. Anonymous commented on 2010-03-29 @ 01:28

    Still no opera?
    Have you every use it? or you may know how powerful the browser it is!
    No Opera means the test is nothing but ads!

  54. MM commented on 2010-03-31 @ 01:16

    "Ubuntu and other Linux variants were excluded because they do not hold enough market share as a desktop operating system":

    As security is the focus here, Linux should be included. It is fair for people to think tippingpoint is commercially biased here, because the argument 'market share' does not hold.

    "...and http://en.wikipedia.org/wiki/Usage_share_of_web_browsers":

    As IE, FF & Safari fail all the time, shouldn't be the focus be on to find more secure alternatives? (Be it alternatives which are still good enough to be used both in a production and home environment.) 'Market share' is not a valid argument on itself.

    "...a bunch of fucking idiots who can't understand that the selection of targets is dictated by market share.":
    The point is not that such in not understood (which is false); the point is that such is not agreed upon (that it is a valid argument). So the idiot here is you.

    "What are the conspiracy theorists getting at in these comments? The platforms/browsers are chosen to support those vendors? But they will be hacked? How would that maintain the market share status quo?":

    That would maintain the market share status quo, as no 'more secure alternatives' are presented/tested. Thus, the general user who never heard of Linux or Opera, will not use that, even if such would be much more secure.

    While i do not think Opera is 100% secure (if you believe MS, it even falls veeeeery far behind IE, security wise), it is still an epic fail to not include it. Ubuntu should be included too.

    While Aaron Portnoy tells us basically that Linus is wrong not wanting to use PaX, tippingpoint itself is wrong not wanting to use Linux, which is considered much more secure by most (also without PaX). Shouldn't the goal be to find the most secure setup? And then promote that setup. Yes, it should.

  55. Anonymous commented on 2010-04-01 @ 10:43

    Marketshare bs.

    Instead of leaving out Linux, put a higher prize on it, same for other software with "lower" market share. That would make them more attracting. This is the only way this competition would ever be fair.

  56. Karpacz commented on 2010-04-04 @ 09:11

    It looks really nice.

  57. Berrie commented on 2010-04-11 @ 07:07

    Thx for sharing this much apreciated!

  58. MacBook Pro 15 commented on 2010-07-19 @ 17:01

    Very interesting information, thank you for the info.

  59. Martin DX1 commented on 2010-07-25 @ 01:50

    Would failure every year really have that effect?? How safe is my phone then?

  60. cindy commented on 2010-07-25 @ 09:09

    It's pretty silly to not even include Opera. It's the number 1 mobile browser ive been told. And it's the most secure desktop browser or am i being miss informed on that one?

  61. Phil commented on 2010-07-25 @ 21:01

    Some nice prizes, impressive stuff. These guys should be working for large companies helping them counter hackers.

    I was watching Catch Me if you can last night, you know the film about the con artist who done the counterfiet cheques and went onto work for the FBI against cheque fraud. Reminds me of this as is sorta similar. I'm just talking crap now but I hope I make some sense? Anyway well done to the winner!


    free gadgets

  62. alexwfix commented on 2010-07-27 @ 08:07

    Why are you not using the later version of Firefox? Please clear us.

  63. Buy Sophos commented on 2010-07-30 @ 13:16

    This guys really did well but it would really be great to see how well they can do it in Linux. I bet it will be harder.
    I really hope they will include Linux platforms and add Chrome to the browsers...

    Best Regards...

  64. Anonymous commented on 2010-08-04 @ 18:32

    Mobile is definately the way to go! Great competition, Thnx for having it and congratulations to all the winners!

  65. Alex from Unlock blackberry torch commented on 2010-08-10 @ 13:28

    I was just wondering why there's a lot of excluded in the contest? Is it because the above mentioned were not that good in the market? or is it harder to hack them? That's just my thought about he contest. Well anyway, great prizes for the winners. Congratulations!

  66. Anonymous commented on 2010-08-10 @ 18:09

    Well, they took their sweet time, but the freetard brigade has finally arrived in full force.

  67. iphone commented on 2010-08-11 @ 00:26

    I would call the linux not there total bullshit. More i would call that it was probably paid by M$ for linux to not appear in Pwn2Own. It made a bad PR in 2008 when Windows failed while Ubuntu survived.

  68. Windows XP Support commented on 2010-08-11 @ 22:55

    I think Flock browser is the one of the best fast and stable browser. It is equivalent as Mozila Firefox.Flock is built on the Mozilla Firefox open-source browser, so it has all the features you've come to expect in a high-quality web browser.

  69. Upbids commented on 2010-08-12 @ 16:00

    Thanks for sharing this information!

  70. John Taylor commented on 2010-08-12 @ 20:03

    Great Post my friend!
    I have my Iphone4 and I bought a Black Case Iphone online.

    Have a great dayyyyy everybody!

    John

  71. Rebecca DeWitt, Raleigh IT Support commented on 2010-08-15 @ 11:41

    Wow, I am SO bummed out that I missed this contest. However, you mention that this isn't the first time you've held the contest, so I'm going to bookmark your website and become a frequent visitor so I can take advantage of any future contest you hold.

  72. Peter commented on 2010-08-28 @ 07:59

    No competition for Android O/S?

  73. Security Access Control commented on 2010-09-02 @ 15:57

    Yes, I too was disappointed that I missed out on this contest. Any updates as to when another will be held? Capitalism at work! I like it!

  74. S K George commented on 2010-09-13 @ 07:23

    With so many browsers floating in the market, it is the common customer at the receiving end. With so many claims and counter claims, selecting the right browser is so difficult. Wondering if some standards could be set up and enforced by some regulatory bodies to save the customers from unknown security breaches.

    The companies selling the browsers must be made responsible for security breaches and the resultant loses.

  75. hesus Fish commented on 2010-09-27 @ 09:32

    This competition is healthy and great and has the possibility of enhancing the software so not to be hacked and most of all protect the innocent users out there which have many of their valuable personal information on all these devices, again excellent competition, excellent blog.

  76. Buy Rosetta Stone Russian commented on 2010-11-11 @ 21:15

    Thanks for taking the time to write that, I found it very educational. If you get a chance you should visit my site as well. I hope you have a great day!

  77. realizzazione siti web commented on 2010-12-22 @ 09:30

    molto interessante..grazie

  78. Free Slots No Download commented on 2011-02-04 @ 11:14

    Pwn2Own is a contest that has good intentions using bad tech. The prize is astounding, considering the difficulties, they are a small price compared to the real prize of identifying the holes.

  79. used mobile commented on 2011-03-04 @ 06:37

    Pwn2Own contest’s features vulnerabilities in parsing media, dynamic web content, e-mail, and other client-side issues have been published in the past. Many of the communication protocols that new and used mobile phones implement are the focus of a burgeoning field of security research.
    http://www.imobile.pk/mobiles/index.php?mod=mobiles&func=displayListing&mob_type=sale&auctype=1&viewtype=2
    That’s brilliant. PWN2own 2010 is very famous contest; I think this kind of contest should be held for the purpose of awareness and security.

  80. jack jones commented on 2011-05-04 @ 17:43

    hi
    Very interesting post, liked it very much, thanks.

  81. Internet Security commented on 2011-05-20 @ 15:35

    What is the deal for 2011? Is there going to be another contest. I never heard about this in 2010, I would have wanted to participate. Please email me regarding 2011 and beyond. I am freakishly obsessed with internet security and this sounds so fun!

  82. Jonas commented on 2011-06-01 @ 10:18

    When will Pwn2Own 2011 be held? Or has it been already?

  83. Frisør commented on 2011-07-15 @ 04:45

    Nice share thanks :-)


Links To This Post

  1. Pwn2Own 2010 Announced : Liquidmatrix Security Digest
    linked on 2010-02-15 @ 21:13 Show Comment

    Article Link

  2. Hackers testen veiligheid Firefox, IE, Chrome en Safari | Lost in the Noise
    linked on 2010-02-16 @ 04:59 Show Comment

    Met een beloning van 100.000 dollar in het vooruitzicht gaan hackers de veiligheid van Internet Explorer, Firefox, Google Chrome en Safari testen. De Pwn2Ownwedstrijd is onderdeel van de CanSecWest beveiligingsconferentie en vindt voor de vierde keer plaats. Drie dagen lang zullen onderzoekers proberen of ze via de browser het onderliggende besturingssysteem kunnen overnemen.

  3. Tipping Point kndigt Hacker-Wettbewerb Pwn2Own 2010 an - Security | News | ZDNet.de
    linked on 2010-02-16 @ 05:10 Show Comment

    ... Empfehlen Drucken Trackback Bookmark Kommentar verfassen Er findet ab 24. Mrz auf der Sicherheitskonferenz CanSecWest statt. Tipping Point sucht neue Schwachstellen in Browsern und mobilen Betriebssystemen. Die Preisgelder betragen insgesamt 100.000 Dollar.Tipping Point hat den Hacker-Wettbewerb Pwn2Own 2010 angekndigt. Wie in den vergangenen Jahren findet er auf der Sicherheitskonferenz CanSecWest statt. Im Vergleich zum Vorjahr hat das Sicherheitsunternehmen die Preisgelder deutlich erhht. Hacker sollen fr das Aufspren von Sicherheitslcken insgesamt 100.000 Dollar erhalten.

  4. Pwn2Own 2010: Bulls-eye on smartphones, browsers | Zero Day | ZDNet.com
    linked on 2010-02-16 @ 09:38 Show Comment

    According to ZDI’s Aaron Portnoy, the big focus this year will be on vulnerabilities affecting mobile devices. The second portion of Pwn2Own 2010 offers bounties for vulnerabilities affecting mobile phones. The increased presence and capabilities of smart phones has brought with it the same security issues and attention traditionally reserved for non ...

  5. Hack Smartphones And Browsers For A Chance To Win Up To 0k In Cash Prizes [Random] | Random & Misc | BlackBerry Rocks!
    linked on 2010-02-16 @ 09:55 Show Comment

    This year the Pwn2Own competition sponsored by 3Com TippingPoint will include up to $100,000 in cash prizes. One of the targets in this year’s competition is a BlackBerry Bold 9700 where a successful hack can win you $10,000. Hack a smartphone in a day and win $10,000…sounds like a good deal! It’s not easy though which is why the cash prizes are so high.

  6. Plaats hier software gerelateerd nieuws! - Page 18
    linked on 2010-02-16 @ 11:38 Show Comment

    Hackers testen veiligheid Firefox, IE, Chrome en Safari. Met een beloning van 100.000 dollar in het vooruitzicht gaan hackers de veiligheid van Internet Explorer, Firefox, Google Chrome en Safari testen. De Pwn2Own wedstrijd is onderdeel van de CanSecWest beveiligingsconferentie en vindt voor de vierde keer plaats. Drie dagen lang zullen onderzoekers proberen of ze via de browser het onderliggende besturingssysteem kunnen overnemen. De eerste dag is het de beurt aan IE, Firefox en Google Chrome op Windows 7, ...

  7. Invadir smartphone poderá render até US$ 15 mil em evento hacker | Notícias Digitais
    linked on 2010-02-16 @ 12:01 Show Comment

    O evento, chamado Pwn2Own, terá início em 24/3 e fará parte da conferência de segurança CanSecWest, em Vancouver. Somados, os prêmios totalizam 100 mil dólares, que serão pagos pela 3Com Tipping Point, a patrocinadora do concurso.

  8. Pwn2Own hacking competion is back again – This time with $100K prize money
    linked on 2010-02-16 @ 14:48 Show Comment

    [via DVLAbs] var wordpress_toolbar_urls = ["http:\/\/dvlabs.tippingpoint.com\/blog\/2008\/03\/19\/cansecwest-pwn-to-own-2008","http:\/\/dvlabs.tippingpoint.com\/blog\/2009\/02\/25\/pwn2own-2009","http:\/\/dvlabs.tippingpoint.com\/blog\/2010\/02\/15\/pwn2own-2010"];var wordpress_toolbar_url = "";var wordpress_toolbar_oinw = "oinw";var wordpress_toolbar_hash = "aHR0cDovL2RpZ2l0aXpvci5jb20vMjAxMC8wMi8xNy9wd24yb3duLWhhY2tpbmctY29tcGV0aW9uLWlzLWJhY2stYWdhaW4tdGhpcy10aW1lLXdpdGgtMTAway1wcml6ZS1tb25leS88d3B0Yj5Qd24yT3duIGhhY2tpbmcgY29tcGV0aW9uIGlzIGJhY2sgYWdhaW4gJiM4MjExOyBUaGlzIHRpbWUgd2l0aCAkMTAwSyBwcml6ZSBtb25leTx3cHRiPmh0dHA6Ly9kaWdpdGl6b3IuY29tPHdwdGI%2BRGlnaXRpem9y";

  9. Invadir smartphone poderá render até US$ 15 mil em evento hacker | Notícias Tecnologia
    linked on 2010-02-16 @ 17:17 Show Comment

    O evento, chamado Pwn2Own, terá início em 24/3 e fará parte da conferência de segurança CanSecWest, em Vancouver. Somados, os prêmios totalizam 100 mil dólares, que serão pagos pela 3Com Tipping Point, a patrocinadora do concurso.

  10. Gli hacker pronti per Pwn2Own « Macworld Online
    linked on 2010-02-16 @ 17:34 Show Comment

    Le ultime notizie su Pwn2Own si trovano sul blog di DvLabs. var addthis_brand = 'Macworld';var addthis_language = 'it';var addthis_options = 'print, email, facebook, twitter, favorites, friendfeed, digg, myspace, google, live, printfriendly, more';

  11. Pwn2Own op 24 maart: hack een iPhone, win 10.000 dollar - iPhone - iPhoneclub.nl
    linked on 2010-02-17 @ 02:31 Show Comment

    Meer info: Tipping Point --

  12. Pwn2Own 2010, chi verrà “bucato” per primo? - Geekissimo
    linked on 2010-02-17 @ 03:07 Show Comment

    Centomila dollari, suddivisi in due premi da quarantamila e sessantamila bigliettoni. Ecco la spaventosa cifra messa a disposizione dalla società di sicurezza TippingPoint agli hacker che a Vancouver, dal prossimo 24 marzo, si sfideranno al Pwn2Own 2010, per “bucare” i browser e i cellulari più “in” del momento.

  13. Pwn2Own 2010 Hack Contest ‘IE8 on Windows 7 vs. Safari 4 on Snow Leopard’
    linked on 2010-02-17 @ 03:54 Show Comment

    ... hackers target IE7, Firefox 3, and Chrome 4 on Vista and Apple Safari 4 on MacOS X Snow Leopard. In day 3, following browsers will serve as targets for attacks: IE7, Firefox 3, Chrome 4 on Windows XP and Apple Safari 4 on MacOS X Snow Leopard.” stated. To register for the competition, send us an e-mail at ZDI@tippingpoint.com. Loading google.load('search', '1'); google.setOnLoadCallback(function(){ new google.search.CustomSearchControl('012240321471511227919:cz4ngqat5fa').draw('cse'); }, true);

  14. Pwn2Own contest 2010 – total cash prize $100.000 « slash4 tutorials
    linked on 2010-02-17 @ 06:14 Show Comment

    Sounds like an interesting “job” … Read more here

  15. blog.dennyroger.com.br » Blog Archive » Concurso de hackers oferece US$ 15 mil por invasão de smarpthone
    linked on 2010-02-17 @ 07:11 Show Comment

    O evento, chamado Pwn2Own, terá início em 24/3 e fará parte da conferência de segurança CanSecWest, em Vancouver. Somados, os prêmios totalizam 100 mil dólares, que serão pagos pela 3Com Tipping Point, a patrocinadora do concurso.

  16. Halv million kroner på højkant i hackerkonkurrence « Dschool
    linked on 2010-02-17 @ 08:17 Show Comment

    Den fjerde udgave af Pwn2Own-konkurrencen løber af stablen i næste måned og nu har arrangørerne, sikkerhedsfirmaet Tippingpoint, offentliggjort hvordan man kan vinde de 100.000 dollars som præmiepuljen udgør….

  17. Pwn2Own 2010 - Who will fall first? | Hardware 2.0 | ZDNet.com
    linked on 2010-02-17 @ 08:34 Show Comment

    With the annual Pwn2Own contest a little more than a month away (it kicks off March 24th) it’s time for some predictions - which browser will be the first to fall this year?

  18. The PC Doctor’s blog » Blog Archive » Pwn2Own 2010 – Who will fall first?
    linked on 2010-02-17 @ 08:42 Show Comment

    Over on Hardware 2.0 I've put up a poll asking readers which browser they think will be the first to fall at this year's Pwn2Own hacking contest.

  19. Diarionascosto.it V.2.0 - Quanto dura la sicurezza di un iphone (e non solo)? Presto lo scopriremo…
    linked on 2010-02-17 @ 10:37 Show Comment

    Centomila dollari, suddivisi in due premi da quarantamila e sessantamila bigliettoni. Ecco la spaventosa cifra messa a disposizione dalla società di sicurezza TippingPoint agli hacker che a Vancouver, dal prossimo 24 marzo, si sfideranno al Pwn2Own 2010, per “bucare” i browser e i cellulari più “in” del momento. Come tutti voi ben saprete, il Pwn2Own è una delle manifestazioni tra più interessanti del mondo informatico, nel corso della ...

  20. Pwn2Own 2010, el objetivo son los smartphones y navegadores web | OpenSecurity
    linked on 2010-02-17 @ 11:23 Show Comment

    Este año se volverá a organizar una entrega más del ya conocido Pwn2Own, un concurso en el cual los participantes se disputan grandes premios explotando problemas de seguridad en tiempo récord. La nueva entrega se llevará a cabo el próximo 24 de marzo en Vancouver, y los organizadores han anunciado que el concurso se centrará en explotar vulnerabilidades en teléfonos móviles, aunque como es habitual también se dará lugar a los navegadores más populares.

  21. Easier to hack apple than Windows
    linked on 2010-02-17 @ 12:52 Show Comment

    Update: February 2010 PWN2OWN 2010 is scheduled for March 24th in Vancouver, Canada. More details at Tipping Point

  22. Concurso de seguridad Pwn2Own en navegadores, cerca : Noticias2D
    linked on 2010-02-17 @ 15:31 Show Comment

    Pwn2own 2010 acogerá a cientos de afortunados para ver que navegador es o no tan seguro como indican y seguro que más de uno cae primeramente.

  23. Concurso oferece até US$ 15 mil para invasores | InforNews
    linked on 2010-02-17 @ 22:11 Show Comment

    Hackers que estejam dispostos a embolsar uma boa grana podem se preparar para participar do evento Pwn2Own, que distribuirá um total de US$ 100 mil em prêmios.

  24. iPhone 3GS at the Pwn2Own | iPhone Hellas
    linked on 2010-02-18 @ 00:37 Show Comment

    [via everythingicafetippingpointmacworld]

  25. iPhone Under The Targets For Pwn2Own | iPhoneBizBlog
    linked on 2010-02-18 @ 01:03 Show Comment

    The event is sponsored by security firm Zero Day Initiative, who will give out additional cash prizes during the event.

  26. TippingPoint | DVLabs | Pwn2Own 2010 | Seguridad Windows 7 xp vista
    linked on 2010-02-18 @ 01:49 Show Comment

    See original here: TippingPoint DVLabs Pwn2Own 2010 « Space Monkeys: Windows Post Install 2010, Todos los Programas en … SanDisk 2GB microSD Card with Micro Reader »

  27. Pwn2Own 2010 [PL] « h3xite's Blog
    linked on 2010-02-18 @ 02:01 Show Comment

    Pwn2Own 48.856666 2.350987  

  28. Pwn2Own: Internet Explorer 8 vs. Firefox 3 vs. Chrome 4 vs. Safari 4
    linked on 2010-02-18 @ 04:56 Show Comment

    Pwn2Own: Internet Explorer 8 vs. Firefox 3 vs. Chrome 4 vs. Safari 4Written by Vygantas Lipskas on February 18, 2010In the upcoming Pwn2Own contest, hackers will be trying to “pwn” Microsoft Internet Explorer, Mozilla Firefox, Google Chrome and Apple Safari web browsers. Competition will be active for three days, with a total cash prize pool of $40 000, where each target is worth $10 000.

  29. Pwn2Own 2010即将开幕 Chrome能否成功卫冕? » Chrome迷
    linked on 2010-02-18 @ 08:11 Show Comment

    转眼间一年过去了,Pwn2Own 2010即将开幕,本届黑客竞赛上黑客将同样会对Internet Explorer、Mozilla FireFox、Google Chrome以及Apple Safari尝试攻击,比赛为期三天,总奖金高达40000美元,每个目标价值10000美元,具体日程安排如下:

  30. Pwn2Own 2010 a Marzo | Youevent.it
    linked on 2010-02-18 @ 08:28 Show Comment

    Centomila dollari, suddivisi in due premi da quarantamila e sessantamila bigliettoni. Ecco la spaventosa cifra messa a disposizione dalla società di sicurezza TippingPoint agli hacker che a Vancouver, dal prossimo 24 marzo, si sfideranno al Pwn2Own 2010, per “bucare” i browser e i cellulari più “in” del momento. Come tutti voi ben saprete, il Pwn2Own è una delle manifestazioni tra più interessanti del mondo informatico, nel corso della quale una ...

  31. Pwn2Own 2010即将开幕 Chrome能否成功卫冕? | lk910's Blog
    linked on 2010-02-19 @ 20:00 Show Comment

    感谢Chrome迷的投递 在去年的Pwn2Own黑客竞赛上,只有Chrome浏览器没有被黑客攻破,即使黑客声称发现了一个漏洞,但仍然没有办法利用该漏洞,因为Chrome浏览器有沙箱功能。转眼间一年过去了,Pwn2Own 2010即将开幕,本届黑客竞赛上黑客将同样会对Internet Explorer、Mozilla FireFox、Google Chrome以及Apple Safari尝试攻击,比赛为期三天,总奖金高达40000美元,每个目标价值10000美元,具体日程安排如下: You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

  32. Pwn2Own 2010, el objetivo son los smartphones y navegadores web | Shadow Security
    linked on 2010-02-19 @ 00:42 Show Comment

    Este año se volverá a organizar una entrega más del ya conocido Pwn2Own, un concurso en el cual los participantes se disputan grandes premios explotando problemas de seguridad en tiempo récord. La nueva entrega se llevará a cabo el próximo 24 de marzo en Vancouver, y los organizadores han anunciado que el concurso se centrará en explotar vulnerabilidades en teléfonos móviles, aunque como es habitual también se dará lugar a los navegadores más populares.

  33. Pwn2Own 2010即将开幕 Chrome能否成功卫冕? « 每日IT新闻,最新IT资讯,聚合多站点消息,保证你与世界同步
    linked on 2010-02-19 @ 00:46 Show Comment

    在去年的Pwn2Own黑客竞赛上,只有Chrome浏览器没有被黑客攻破,即使黑客声称发现了一个漏洞,但仍然没有办法利用该漏洞,因为Chrome浏览器有沙箱功能。转眼间一年过去了,Pwn2Own 2010即将开幕,本届黑客竞赛上黑客将同样会对Internet Explorer、Mozilla FireFox、Google Chrome以及Apple Safari尝试攻击,比赛为期三天,总奖金高达40000美元,每个目标价值10000美元,具体日程安排如下:

  34. Pwn2Own 2010即将开幕 Chrome能否成功卫冕? « 最新最热网页游戏报道
    linked on 2010-02-19 @ 04:31 Show Comment

    感谢Chrome迷的投递 在去年的Pwn2Own黑客竞赛上,只有Chrome浏览器没有被黑客攻破,即使黑客声称发现了一个漏洞,但仍然没有办法利用该漏洞,因为Chrome浏览器有沙箱功能。转眼间一年过去了,Pwn2Own 2010即将开幕,本届黑客竞赛上黑客将同样会对Internet Explorer、Mozilla FireFox、Google Chrome以及Apple Safari尝试攻击,比赛为期三天,总奖金高达40000美元,每个目标价值10000美元,具体日程安排如下:

  35. Web-Seiten: Pwn2Own 2010, sind sie das Ziel die Smartphones und web-Seefahrer
    linked on 2010-02-18 @ 08:38 Show Comment

    ... Dieses Jahr wird man noch eine Ausgabe von schon gekanntem Pwn2Own, einen Wettbewerb wieder organisieren, in dem die Teilnehmer große Belohnungen bestreiten, Sicherheitsprobleme in Rekordzeit nutzend. Die neue Ausgabe wird der nächste 24. März in Vancouver durchgeführt werden, und die Veranstalter haben angezeigt, dass sich der Wettbewerb darauf richten wird, Verwundbarkeiten in Mobiltelefonen zu nutzen, obwohl man, wie es auch gewöhnlich ist, zu den populärsten Seefahrern Anlass geben wird. Infolgedessen wird 2010 der Pwn2Own in zwei Kategorien geteilt sein: Seefahrer und Telefone. Die erste Kategorie, wird dieser von web-Seefahrern, ihrerseits in drei Etappen geteilt sein, und in jedem wird eine Belohnung $ 10,000 Dollars bestreiten. In der ersten Etappe werden sich die folgenden Seefahrer prüfen: Firefox 3, IE8 und Google ...

  36. Pages web: Pwn2Own 2010, l'objectif ce sont les smartphones et les navigateurs web
    linked on 2010-02-18 @ 08:51 Show Comment

    ... Cette année on recommencera à organiser encore une remise du Pwn2Own déjà connu, un concours dans lequel les participants disputent de grands prix en exploitant des problèmes de sécurité dans un temps record. La nouvelle remise se réalisera le 24 mars suivant à Vancouver, et les organisateurs ont annoncé que le concours se concentrera pour exploiter une vulnérabilité par des téléphones portables, bien que comme il est aussi habituel on donnera lieu aux navigateurs les plus populaires. C'est pourquoi, le Pwn2Own 2010 sera divisée en deux catégories : des navigateurs et des téléphones. La première catégorie, celle de navigateurs web, sera divisée à son tour en trois étapes, et dans chacun un prix de $ 10,000 disputera des dollars. Dans la première étape les navigateurs suivants se mettront à l'épreuve : Firefox 3, IE8 et Google Chrome 4 dans Windows ...

  37. Pwn2Own organizer expects Safari to crack first, and turns its attention to mobile phones | Techno Portal
    linked on 2010-02-19 @ 10:55 Show Comment

    At Pwn2Own 2010, hackers will spend three solid days trying to crack operating systems, browsers and mobile phones architectures. “Safari will be the first to go,” says one of the main sponsors of the event, Aaron Portnoy — though, saying that, only Google Chrome was found ‘unhackable’ at last year’s Pwn2Own.

  38. Will This Years Pwn2Own Hackers Crack Mobile Browsers? | BerryReview.com »
    linked on 2010-02-19 @ 13:06 Show Comment

    I am not sure how I missed this one but Gregg @CIO.com pointed out that this years Pwn2Own contest is only a month away. Pwn2Own is a yearly contest at the CanSecWest security conference where hackers try to break into both desktop browser and mobile targets. It is happening on March 24th in Vancouver in case you are interested.

  39. Hack Smartphones And Browsers For A Chance To Win Up To $100k In Cash Prizes [Random] | Symbian60
    linked on 2010-02-20 @ 13:29 Show Comment

    This year the Pwn2Own competition sponsored by 3Com TippingPoint will include up to $100,000 in cash prizes. One of the targets in this year&#8217;s competition is a BlackBerry Bold 9700 where a successful hack can win you $10,000. Hack a smartphone in a day and win $10,000…sounds like a good deal! It&#8217;s not easy though which is why the cash prizes are so high.

  40. Pwn2Own organizer expects Safari to crack first, and turns its attention to mobile phones | Tech Industry News
    linked on 2010-02-19 @ 23:23 Show Comment

    At Pwn2Own 2010, hackers will spend three solid days trying to crack operating systems, browsers and mobile phones architectures. “Safari will be the first to go,” says one of the main sponsors of the event, Aaron Portnoy — though, saying that, only Google Chrome was found ‘unhackable’ at last year’s Pwn2Own.

  41. Chrome能否在 Pwn2Own 2010 卫冕成功 « 沙浪网
    linked on 2010-02-20 @ 01:11 Show Comment

    转眼间一年过去了,Pwn2Own 2010 即将开幕,本届黑客竞赛上黑客将同样会对 Internet ExplorerMozilla FireFoxGoogle Chrome 以及 Apple Safari 尝试攻击,比赛为期三天,总奖金高达40000美元,每个目标价值10000美元,具体日程安排如下:

  42. Pwn2Own organizer expects Safari to crack first, and turns its attention to mobile phones | World Wide Web
    linked on 2010-02-20 @ 06:05 Show Comment

    At Pwn2Own 2010, hackers will spend three solid days trying to crack operating systems, browsers and mobile phones architectures. “Safari will be the first to go,” says one of the main sponsors of the event, Aaron Portnoy — though, saying that, only Google Chrome was found ‘unhackable’ at last year’s Pwn2Own.

  43. Hack Smartphones And Browsers For A Chance To Win Up To $100k In Cash Prizes [Random] | Symbian60
    linked on 2010-02-20 @ 13:29 Show Comment

    This year the Pwn2Own competition sponsored by 3Com TippingPoint will include up to $100,000 in cash prizes. One of the targets in this year&#8217;s competition is a BlackBerry Bold 9700 where a successful hack can win you $10,000. Hack a smartphone in a day and win $10,000…sounds like a good deal! It&#8217;s not easy though which is why the cash prizes are so high.

  44. $100,000 offered to hackers to hack a range of browsers and mobile devices at the forthcoming CanSecWest security conference. - -
    linked on 2010-03-17 @ 19:33 Show Comment

    Running for the fourth year at the event, $40,000 of the Pwn2Own contest pot will be on offer to entrants that successfully exploit security vulnerabilities to compromise the top four browsers, Internet Explorer, Mozilla Firefox, Google Chrome, and Safari, equivalent to $10,000 per browser.

  45. Hackers mais uma vez brigarão por prêmios de até US$100 mil no evento Pwn2Own 2010 | MacMagazine
    linked on 2010-02-21 @ 13:25 Show Comment

    Assim como acontece todo ano, a 3Com TippingPoint anunciou na semana passada que patrocinará a edição 2010 do Pwn2Own, evento/concurso destinado a hackers que brigam para encontrar brechas de segurança e invadir computadores e smartphones — principalmente através de browsers. Hackers na Pwn2Own 2009

  46. Windows 7 es más seguro que Snow Leopard «
    linked on 2010-02-23 @ 08:01 Show Comment

    El certamen Pwn2Own se inicia el 24 de marzo y se concentrará en los smartphones y navegadores.

  47. Blogg on! » Pwn2Own – Världsmästerskapet i hacking är på gång igen
    linked on 2010-03-18 @ 17:17 Show Comment

    Läs mer på Google eller TippingPoint var addthis_language = 'sv';var addthis_options = 'email, favorites, twitter, delicious, myspace, google, facebook, reddit, live, more'; [Translate] Written by Family Davis in: Teknik Etiketter:Hacking, Mac, osx, Pwn2Own, Safari, TippingPoint

  48. Apple “vất vả” vá lỗi bảo mật cho trình duyệt Safari | CoolTek
    linked on 2010-03-18 @ 20:25 Show Comment

    E ngại trước việc bị tin tặc công phá, Apple tiến hành cập nhật cả 2 phiên bản Safari dành cho Mac OS X lẫn Windows trước khi diễn ra cuộc thi hack trình duyệt Pwn2Own 2010 với tổng giải thưởng lên đến 100.000 USD diễn ra vào ngày 24-3 tại hội nghị bảo mật CanSecWest.

  49. Iphone tros knäckas under hackarkonferens | AppFeber - Nyheter
    linked on 2010-03-19 @ 02:14 Show Comment

    Den 24 mars är det dags för hackarkonferensen Pwn2own. Aaron Portnoy, säkerhetsforskare på företaget Tippingpoint, förutspår att iPhone och IE8 kommer bli de första produkterna att hackas. Pwn2own har funnits sedan 2006 och under den korta tiden har man redan sett några spektakulära hackningar av diverse operativsystem. Priset på 100.000 dollar till den som är först att hacka en mängd olika programvaror är inte fy skam det heller. Läs hela artikeln på IDG.

  50. Web Browsers in the Cross Hairs at Pwn2Own « Blog Sitter
    linked on 2010-03-25 @ 08:16 Show Comment

    As if things weren’t tough enough in the Internet security space, Web browser vendors will have a big target painted on their backs this week at the 2010 Pwn2Own competition.

  51. iPhone, Safari, IE8, Firefox all fall on day one of Pwn2Own - openSUSE Forums
    linked on 2010-03-25 @ 08:44 Show Comment

    Re: iPhone, Safari, IE8, Firefox all fall on day one of Pwn2Own The Firefox on W7 hack worked because the hacker managed to get round ALSR+DEP. According to the Tipping Point website the contest doesn't involve Linux this year. However, I think the whole debate about the security merits of different operating systems--at least their technical merits--somewhat misses the point. Malware mostly spreads through bugs in applications (web browsers, Adobe Flash, Adobe Reader, JavaScript, etc.) and exploiting the ...

  52. iPhone overleeft hackerswedstrijd waarschijnlijk niet, Android & Chrome wel | Androidworld
    linked on 2010-03-19 @ 08:38 Show Comment

    Pwn2Own is een initiatief van TippingPoint Zero Day Initiative die al aan zijn 4de jaargang toe is.  Het wordt dit jaar georganiseerd in Vancouver (Canada) op het CanSecWest conferentie die rond het thema veiligheid draait. Mensen die zich geroepen voelen om deel te nemen kunnen zich registreren met een simpel mailtje. Meer info over de gehele organisatie en het exacte verloop van de wedstrijd kan men hier vinden. Hackers die zich geroepen voelen om deel te nemen zullen waarschijnlijk moeten wachten tot volgend jaar, de wedstrijd begint namelijk volgende woensdag al.

  53. Blogg on! » pwn2own 2010 – Charlie Miller räknas hitta ett tjugptal säkerhetshål i Mac OS X
    linked on 2010-03-19 @ 08:56 Show Comment

    Läs mer på Engadget eller TippingPoint

  54. iPhone will be first mobile device to fall at Pwn2Own 2010 | UpOff.com
    linked on 2010-03-19 @ 10:23 Show Comment

    The fourth annual Pwn2Own contest—which takes place at the CanSecWest security conference every year—kicks off next week. Like last year, 2010’s contest will offer security experts and hackers the chance to “pwn” a number of mobile platforms in addition to various browser/OS combinations. Though no mobile devices were successfully hacked last year, expectations are high that the iPhone will go down in this year’s contest.

  55. Beveiliging iPhone 3GS sneuvelt tijdens hackers wedstrijd - iPhone - Lees iPhoned.nl
    linked on 2010-03-25 @ 08:13 Show Comment

    Bekijk voor meer informatie de site van Pwn2Own.

  56. iPhone falls in Pwn2Own hacking contest | Technology startup news GeekoPedia
    linked on 2010-03-25 @ 07:22 Show Comment

    A delayed flight didn’t stop Vincenzo Iozzo and Ralf Weinmann from scoring a cool $15,000, a brand-new iPhone, and a trip to Las Vegas at the annual Pwn2Own hacking contest in Vancouver on Wednesday.

  57. IPhone Falls in Pwn2Own Hacking Contest
    linked on 2010-03-25 @ 08:07 Show Comment

    ... their payload software.To make their attack work, they used a technique called “return-oriented programming,” in which they essentially cobble together instructions from different parts of the iPhone’s memory. But even with this technique, the iPhone’s sandbox restricted what they could do once they had hacked into the machine.———————————-http://dvlabs.tippingpoint.com/blog/2010/02/15/pwn2own-2010According to the ZDI Twitter feed…Nils from MWR InfoSecurity (@MWRLabs) succeeded against Firefox on Windows 7.Peter Vreugdenhil (@WTFuzz) succeeded against Internet Explorer 8 on Windows 7 with a technically impressive exploit bypassing DEP.Charlie Miller (@0xcharlie) popped the MacBook Pro via Safari. Source and more: heregoogle_ad_client = "pub-3167728245411780"; /* 336x280, created 7/27/09 */ google_ad_slot = "8610590476"; google_ad_width = 336; google_ad_height = 280; Share with friends: Comments (0) Trackbacks (0) Leave a comment Trackback No comments yet. No trackbacks yet. ...

  58. iPhone Hacked Fast at Pwn2Own Hacking Contest 2010
    linked on 2010-03-25 @ 06:41 Show Comment

    ... protection in place for running malicious code on the iPhone, but it doesn’t cut it. "The way they implement code-signing is too lenient." Weinmann and Iozzo won a $15k cash prize and also the hijacked iPhone. For insight on how the hack works you can read it here. -- Related Posts » Leawo – Free DVD to iPhone Converter» Lunarpages Wordpress Theme design contest is back!» Yellowsnow is out for Download: Unlock Your iPhone 3G 2.2» Melayu Boleh – Wangcyber SEO challenge ends Related References ...

  59. Pwn2Own-Contest: Sicherheitslücken in iPhone OS 3.1.3 und Safari
    linked on 2010-03-25 @ 06:27 Show Comment

    Der Pwn2Own-Contest wirde jedes Jahr auf der CanSecWest ausgetragen, um die Anfälligkeit verschiedener Betriebssysteme und Browser genauer unter die Lupe zu nehmen. Zu gewinen gab es ingesamt $100.000. Autor: Datum: Kategorie: Tags: -- Kathrin Grannemann, Chefredakteur 25.03.2010 , 12:21 Uhr News & Rumors CanSecWest, iPhone, Macbook Pro, Pwn2Own, Wettbewerb  

  60. TippingPoint | DVLabs | Pwn2Own 2010 | TechLad : Tech News from around the world
    linked on 2010-03-25 @ 06:04 Show Comment

    Pwn2own Feb 15, 2010 … The TippingPoint Zero Day Initiative (ZDI) is proud to announce that the annual Pwn2Own contest is back again this year at the CanSecWest …Tags: Pwn2ownRead MoreTippingPoint DVLabs Pwn2Own 2010.

  61. [news] iPhone, Safari, IE8 & Firefox thrashed by Hackers « Edward's Take
    linked on 2010-03-25 @ 06:04 Show Comment

    [news] iPhone, Safari, IE8 & Firefox thrashed by Hackers 25 03 2010 Flaws were found at a lot of our daily used web browsers and iPhone today within minutes into this year’s Pwn2Own. And all these are no child’s play as there is quite a lot of $$ at stake, not to mention reputation.

  62. Nederlander hackt Windows 7 via IE8 « Nieuws Nederland
    linked on 2010-03-25 @ 05:00 Show Comment

    Peter Vreugdenhil was niet de enige die met succes een machine hackte op de wedstrijd die wordt georganiseerd door TippingPoint. Het meest in het oog springende succes werd geboekt door Vincenzo Iozzo and Ralf Weinmann die de iPhone hackten. Dit is de eerste werkende exploit sinds Apple in 2008 versie 2 van de iPhone introduceerde.

  63. The Fallen: IE8, FireFox, Safari, iPhone…
    linked on 2010-09-14 @ 01:19 Show Comment

    Pwn2Own, proving, once again, that there really is a reason to be in the infosecurity realm, displays the cream of the crop in brilliant security researchers, and the outstanding intellectual tour de force, in the wholesale trampling of almost every browser based security model and iPhone hardware protective layer known…. Literally, in minutes.  Ah, best laid plans… We congratulate the winners! More information, inclusive of a short snippet of the original Computerworld post, appears after the jump.

  64. iPhone SMS database hacked in 20 seconds
    linked on 2010-03-25 @ 04:38 Show Comment

    iPhone SMS database hacked in 20 seconds by nolovelust 25. March 2010 09:27 Vincenzo Iozzo and Ralf Philipp Weinmann succeeded in exploiting the iPhone in the first time slot and getting $15,000 first prize. They exploited a 0day Safari vulnerability with a payload which retrieved the text messages from the device.

  65. Jailbreak-ul ar putea deveni mult mai simplu | iPhone - tutoriale jailbreaking, unlock, customizare, jocuri.
    linked on 2010-03-25 @ 03:08 Show Comment

    0 Salut, bine ai venit pe zaone.ro! Daca vrei sa fii la curent cu noutatile din lumea Apple atunci inscrie-te pentru a primi mail cand apare un articol nou! Zilele acestea se desfasoara competitia pwn2own, una dintre cele mai mari hacking competitions din lume in care experti in securitate si hackeri se aduna pentru a demonstra vulnerabilitatile softurilor existente pe piata la momentul actual.

  66. March 24th 2010. The day of hunting web browser bugs, and not only…
    linked on 2010-03-19 @ 20:25 Show Comment

    One thing to be noted is that Linux was (again) kept out of the competition… too bad =) Other information on this can be found here. --

  67. Safari, Firefox, and IE8 hacked; Chrome left untested | X-coZ BLog
    linked on 2010-03-25 @ 00:42 Show Comment

    All successful competitors receive $10,000 USD and their hacked laptop as reward. The following laptops are available as prizes: Apple Macbook Pro 15″, HP Envy Beats 15″, Sony Vaio 13″, and Alienware M11x. They also receive 20,000 ZDI points which qualifies them for a $5,000 USD payment, 25% reward points on 2011 ZDI entries, 15% monetary bonus on 2011 ZDI entries, and a paid trip and registration to DEFCON in Las Vegas. 

  68. Tech talk [what really grinds my gears...] : Ansel Chen Shan Santosa
    linked on 2010-03-22 @ 22:30 Show Comment

    First a quote from a security expert on OS X being safe, but not secure. I’ll give you one guess what the first to fall are expected to be at pwn2ownSafari and the iPhone.

  69. Mozilla corregge Firefox 3.6, ecco Firefox 3.6.2 | setteB.IT
    linked on 2010-03-23 @ 03:07 Show Comment

    Mozilla prometteva di rilasciare una nuova versione corretta entro la fine del mese, ma Firefox 3.6.2 (18,4 MB) è già arrivato in versione definitiva. Mozilla non voleva presentarsi al CanSecWest di Vancouver, l’annuale conferenza sulla sicurezza informatica, con il browser in quelle condizioni ed essere uno dei primi software a “cadere” sotto le mani degli hacker che si sfidano per il PWN2OWN 2010.

  70. iPhone falls at Pwn2Own | Hardware 2.0 | ZDNet.com
    linked on 2010-03-24 @ 17:26 Show Comment

    According to Zero Day Initiative, an initiative founded by TippingPoint which organizes the security competition Pwn2Own, the iPhone has been successfully exploited within minutes of the competition starting.

  71. Ralf-Philipp Weinmann & Vincenzo Iozzo own the iPhone at PWN2OWN « blog.zynamics.com
    linked on 2010-03-24 @ 17:57 Show Comment

    http://dvlabs.tippingpoint.com/blog/2010/02/15/pwn2own-2010

  72. CELLULARI » Pwn2Own: trovata una falla di sicurezza su iPhone tramite Safari
    linked on 2010-03-24 @ 18:19 Show Comment

    Pwn2Own: trovata una falla di sicurezza su iPhone tramite Safari March 25th, 2010 Commenta Vai ai commenti In queste ora è iniziato l’annuale Pwn2Own, evento nel quale i migliori hacker del mondo cercano di trovare falle di sicurezza su vari smartphone.

  73. CELLULARI » Pwn2Own: trovata una falla di sicurezza su iPhone tramite Safari
    linked on 2010-03-24 @ 18:19 Show Comment

    In queste ora è iniziato l’annuale Pwn2Own, evento nel quale i migliori hacker del mondo cercano di trovare falle di sicurezza su vari smartphone.

  74. » Pwn2Own: trovata una falla di sicurezza su iPhone tramite Safari
    linked on 2010-03-24 @ 18:48 Show Comment

    In queste ora è iniziato l’annuale Pwn2Own, evento nel quale i migliori hacker del mondo cercano di trovare falle di sicurezza su vari smartphone.

  75. iFUN.de/iPhone :: Alles zum iPhone − Hacker-Wettbewerb: iPhone übersteht "pwn2own" nicht unbeschadet
    linked on 2010-03-24 @ 19:35 Show Comment

    Der pwn2own-Wettbewerb ist seit Jahren ein fester Bestandteil der CanSecWest Security Conference und fordert die an ihm teilnehmenden Hacker regelmäßig dazu auf Schwachstellen in Browsern und Betriebssystemen zu finden und diese auszunutzen. Fähigen Köpfen denen es gelingt verschiedene Rechner bzw. die auf ihnen installierten Browser zu hacken bekommen $5000 Preisgeld - für Sicherheitslücken im iPhone bzw. in MobileSafari wurden bis zu $15.000 ausgelobt.

  76. Standaard iPhone 3GS op 3.1.3 als eerste gehackt op Pwn2Own - iPhone - iPhoneclub.nl
    linked on 2010-03-24 @ 19:56 Show Comment

    Vincenzo Iozzo (@_snagg) en Ralf Philipp Weinmann (@esizkur) zijn er op het jaarlijkse evenement Pwn2Own op de CanSecWest conferentie in geslaagd om een standaard iPhone 3GS op firmware 3.1.3 te hacken. De kwetsbaarheid waar de hackers gebruik van maakten bevindt zich in Safari op iPhone OS en stelde hen in staat om op afstand de smsjes uit te lezen. De ...

  77. Pwn2Own 2010 : Vincenzo et Weinmann 1 – iPhone 0 | SOSiPhone.com (Le Blog)
    linked on 2010-03-24 @ 20:44 Show Comment

    Sources : Pwn2Own 2010

  78. BlogoFlux – Latest news on Gadgets, Internet, Applications & Hardware » Blog Archive » Safari, Firefox, and IE8 hacked; Chrome left untested
    linked on 2010-03-24 @ 22:07 Show Comment

    All successful competitors receive $10,000 USD and their hacked laptop as reward. The following laptops are available as prizes: Apple Macbook Pro 15″, HP Envy Beats 15″, Sony Vaio 13″, and Alienware M11x. They also receive 20,000 ZDI points which qualifies them for a $5,000 USD payment, 25% reward points on 2011 ZDI entries, 15% monetary bonus on 2011 ZDI entries, and a paid trip and registration to DEFCON in Las Vegas.

  79. Pwn2Own 2010 Day 1 Overview : Liquidmatrix Security Digest
    linked on 2010-03-24 @ 22:41 Show Comment

    For real time coverage of the rest of this event and more reading on each topic you can surf over to ZDI’s twitter page @thezdi or over at the contest overview at TippingPoint DVLabs. Tag It:

  80. Researcher Finds 20 Preview, Safari Security Holes
    linked on 2010-03-21 @ 20:07 Show Comment

    ... Internet security researcher Charlie MIller will release the results of research he's done to uncover 30 security holes in Mac OS X to the CanSecWest security conference in Vancouver later this month. According to a report by Forbes, the guy who won a MacBook Air at Pwn2Own the past two straight years is not sure whether he will tell Apple what the flaws are: he says he might hold on to them for this year's challenge. Miller worked for five years at the US National Security Agency as a "global network explaoitation analyst," finding weaknesses and vulnerabilities in computer networks for the US government spies, reportedly carrying out multiple hacks against foreign targets. As a private citizen, he ...

  81. Mobile Internet Solutions » iPhone will be first mobile device to fall at Pwn2Own 2010
    linked on 2010-03-22 @ 09:05 Show Comment

    The fourth annual Pwn2Own contest—which takes place at the CanSecWest security conference every year—kicks off next week. Like last year, 2010’s contest will offer security experts and hackers the chance to “pwn” a number of mobile platforms in addition to various browser/OS combinations. Though no mobile devices were successfully hacked last year, expectations are high that the iPhone will go down in this year’s contest.

  82. Pwn2Own contest in 2010 « From my Macbook to the Net
    linked on 2010-03-22 @ 12:41 Show Comment

    Pwn2Own contest schedule is here. Keep an eye what is going on with modern OS’s security nowadays.

  83. New browser ordeal
    linked on 2010-03-22 @ 15:37 Show Comment

    March 24. will be this year’s browser-ordeal in Vancouver, its where the hackers are rewarded for knocking down browser/OS security. This year the contest has been divided in two; part one is browsers on different platforms and part two is the software on cellphones turn. The prize this year is $100k, an amazing amount. The last couple of days the different developers has spent a lot of time and effort to secure the browsers, in vain if you ask me. As long as humans program the security other humans will break them.

  84. iPhone will be first mobile device to fall at Pwn2Own 2010 | The Internet Database
    linked on 2010-03-21 @ 15:48 Show Comment

    The fourth annual Pwn2Own contest—which takes place at the CanSecWest security conference every year—kicks off next week. Like last year, 2010’s contest will offer security experts and hackers the chance to “pwn” a number of mobile platforms in addition to various browser/OS combinations. Though no mobile devices were successfully hacked last year, expectations are high that the iPhone will go down in this year’s contest.

  85. Hackers offered $100,000 for browser and phone exploits | MAC NEWS
    linked on 2010-03-21 @ 03:59 Show Comment

    Running for the fourth year at the event, $40,000 of the Pwn2Own contest pot will be on offer to entrants that successfully exploit security vulnerabilities to compromise the top four browsers, Internet Explorer, Mozilla Firefox, Google Chrome, and Safari, equivalent to $10,000 per browser.

  86. Pwn2Own 2010 Participants Envision Apple iPhone As Their Easy Way Out To A Win | Trends Updates
    linked on 2010-03-21 @ 05:52 Show Comment

    Via Ars Technica & Tipping Point Random Posts: Diseases you never thought could be viral infections Where Is Darjeeling Headed To? The end of Britain’s era of war? ...

  87. ハックイベントでみんな仲良く陥落 « やっぱりマックでしょ!
    linked on 2010-03-25 @ 10:23 Show Comment

    engadget japan によると セキュリティイベント PWN2OWN で、iPhone だけでなく Windows 7 と Mac OS X v10.6(Snow Leopard)もなかよくハックされたそうです。関連記事

  88. [KlimBim] Pwn2Own, Touchscreen-Analyse, iPad-Instapaper, Jobs Email-Antwort zur einheitlichen Inbox, Textunes, WSJ und CBS
    linked on 2010-03-25 @ 08:52 Show Comment

    Die Konferenz in Vancouver läuft noch bis zum 26. März und wird sich an den ausstehenden Tagen auch noch den anderen Mobilfunk-Plattformen von BlackBerry (Bold 9700), Nokia (E72 / Symbian) und HTC (Nexus One / Android) widmen.

  89. Iphone hacked på 20 sekunder. - IT sikkerhed & Business IT Continuity
    linked on 2010-03-25 @ 09:35 Show Comment

    I forbindelse med CanSecWest security konferenceni Vancouver den 24. marts, blev Pwn2Own konkurrencen også afviklet .

  90. Concours de hacking : l’iPhone, Safari, IE8 et Firefox sont tombés « News Internet
    linked on 2010-03-25 @ 10:05 Show Comment

    Comme chaque année, les hackers et experts en sécurité sont conviés à participer à la conférence CanSecWest et, s’ils le souhaitent, à un concours de hacking : le Pwn2Own. Les participants, pour remporter des lots (100 000 dollars au total), doivent pouvoir exécuter (avec ou sans interaction avec l’utilisateur) des attaques contre différents systèmes.

  91. » Pwn2Own 2010: exploit di iPhone in 20 secondi
    linked on 2010-03-25 @ 10:50 Show Comment

    È costato solo 20 secondi l’hacking di un iPhone a Ralf-Philipp Weinmann (ricercatore all’Università del Lussemburgo) e Vincenzo Iozzo (ricercatore presso Zynamics). Pwn2Own è il concorso annuale di hacking che si svolge durante CanSecWest, la maggiore conferenza internazionale di sicurezza digitale.

  92. Chrome Still Standing at Pwn2Own | thechromesource - Google Chrome and Chrome OS News and Resources
    linked on 2010-03-25 @ 11:00 Show Comment

    Yesterday was the day for Windows 7, and today the competition will face Vista, with tomorrow highlighting XP. Will Chrome fall on a less secure system? We shall see. Here is the complete three day schedule for Pwn2Own:

  93. IE8, Safari and Firefox fall at Pwn2Own 2010 | Hardware 2.0 | ZDNet.com
    linked on 2010-03-25 @ 11:19 Show Comment

    Internet Explorer 8, Safari and Firefox web browsers have all fallen victim to a PWNAGE at this years Pwn2Own 2010 security contest.

  94. Google Chrome irrompible | conecti.ca
    linked on 2010-03-25 @ 11:55 Show Comment

    Ni Safari, ni Internet Explorer ni Firefox soportaron al embate de hackers y expertos en seguridad informática en el concurso anual de seguridad Pwn2Own, que tiene el objetivo de explotar todos los problemas de seguridad que existan en diferentes aplicaciones y smartphones, entre ellos el Nexus One y el iPhone 3Gs.

  95. bgnovini.net - IT, компютри, цифрови камери и фотоапарати » Blog Archive » Хакнаха iPhone 3GS
    linked on 2010-03-25 @ 12:34 Show Comment

    На провеждащото се във Ванкувър, Канада, ежегодно хакерско състезание Pwn2Own 2010 специалисти по безопасността проведоха показателни атаки, насочени срещу уеб-браузъри.

  96. IE8, Safari 4, Firefox 3, iPhone fall on day 1 of Pwn2Own | The Internet Database
    linked on 2010-03-25 @ 12:40 Show Comment

    The first day of the annual Pwn2Own contest in which security researchers can win cash and hardware if they successfully compromise machines using zero-day exploits is finished. Internet Explorer 8 on Windows 7, Firefox 3 on Windows 7, Safari 4 on Mac OS X 10.6, and iPhone OS 3 were all compromised during the competition. Google’s Chrome was the only browser left standing—and in fact, was completely untested. None of the researchers at the competition even tried to attack Chrome.

  97. iPhone Falls At Pwn2Own With 20 Second Exploit | The Iphone Blog
    linked on 2010-03-25 @ 13:06 Show Comment

    Wow, we heard rumors that the iPhone would be hit quickly, but not THAT quickly! Pwn2Own is a regular cracking event held at CanSecWest, where white hat hackers race to expose massive vulnerabilities in platforms and browsers, competing for big cash prizes and hardware. Two European security experts — Vincenzo Iozzo and Ralf Philipp Weinmann — sent the iPhone to a website of their devising, which ...

  98. IE8, Safari 4, Firefox 3, iPhone fall on day 1 of Pwn2Own | The ArberB Blog
    linked on 2010-03-25 @ 13:07 Show Comment

    The first day of the annual Pwn2Own contest in which security researchers can win cash and hardware if they successfully compromise machines using zero-day exploits is finished. Internet Explorer 8 on Windows 7, Firefox 3 on Windows 7, Safari 4 on Mac OS X 10.6, and iPhone OS 3 were all compromised during the competition. Google’s Chrome was the only browser left standing—and in fact, was completely untested. None of the researchers at the competition even tried to attack Chrome.

  99. IE8, Safari 4, Firefox 3, iPhone fall on day 1 of Pwn2Own
    linked on 2010-03-25 @ 13:08 Show Comment

    IE8, Safari 4, Firefox 3, iPhone fall on day 1 of Pwn2Own By Peter Bright Last updated March 25, 2010 12:23 PM The first day of the annual Pwn2Own contest in which security researchers can win cash and hardware if they successfully compromise machines using zero-day exploits is finished. Internet Explorer 8 on Windows 7, Firefox 3 on Windows 7, Safari 4 on Mac OS X 10.6, and iPhone OS 3 were all compromised during the competition. ...

  100. TippingPoint | DVLabs | Pwn2Own 2010 | Blognya Anak Mami | yudaprabu.com
    linked on 2010-09-08 @ 11:14 Show Comment

    Excerpt from:  TippingPoint DVLabs Pwn2Own 2010 This entry was posted in pengetahuan and tagged 2007-update-, article, etiketter, exploit, family-davis, information, letra-magazine, milw0rm, page, safari, teknik-hacking, tipping. Bookmark the permalink. ← Lowongan Kerja BUMN 2010/2011 Lowongan CPNS BUMN Bank 2010 2011 “Trembesi” Penyerap karbon Yang Handal « Andi Chairil Ichsan →

  101. Firefox, IE8, Safari et même l’iPhone piratés au Pwn2Own
    linked on 2010-03-25 @ 13:15 Show Comment

    Pour avoir plus d’informations sur le Pwn2Own, c’est par ici (anglais). Publié le 25 mars 2010 par Sylvain SZEWCZYK dans Hack, Mac, Navigateur, Sécurité

  102. IE8, Safari 4, Firefox 3, iPhone fall on day 1 of Pwn2Own | Family Learning Center
    linked on 2010-03-25 @ 13:20 Show Comment

    The first day of the annual Pwn2Own contest in which security researchers can win cash and hardware if they successfully compromise machines using zero-day exploits is finished. Internet Explorer 8 on Windows 7, Firefox 3 on Windows 7, Safari 4 on Mac OS X 10.6, and iPhone OS 3 were all compromised during the competition. Google’s Chrome was the only browser left standing—and in fact, was completely untested. None of the researchers at the competition even tried to attack Chrome.

  103. IE8, Safari 4, Firefox 3, iPhone fall on day 1 of Pwn2Own | UpOff.com
    linked on 2010-03-25 @ 13:24 Show Comment

    The first day of the annual Pwn2Own contest in which security researchers can win cash and hardware if they successfully compromise machines using zero-day exploits is finished. Internet Explorer 8 on Windows 7, Firefox 3 on Windows 7, Safari 4 on Mac OS X 10.6, and iPhone OS 3 were all compromised during the competition. Google’s Chrome was the only browser left standing—and in fact, was completely untested. None of the researchers at the competition even tried to attack Chrome.

  104. Hack Google Chrome and get paid? | Lakwatcha Magazine
    linked on 2010-08-27 @ 02:57 Show Comment

    Google Chrome team come up with this idea after their sole browser left standing: Google Chrome, on the competition called Pwn2Own. The competition tested the four most popular web browsers – Firefox, Internet Explorer, Safari, and Chrome — offering $10,000 for each browser busted.

  105. Open Systems Journal » Blog Archive » IE8, Safari 4, Firefox 3, iPhone fall on day 1 of Pwn2Own
    linked on 2010-03-25 @ 13:26 Show Comment

    The first day of the annual Pwn2Own contest in which security researchers can win cash and hardware if they successfully compromise machines using zero-day exploits is finished. Internet Explorer 8 on Windows 7, Firefox 3 on Windows 7, Safari 4 on Mac OS X 10.6, and iPhone OS 3 were all compromised during the competition. Google’s Chrome was the only browser left standing—and in fact, was completely untested. None of the researchers at the competition even tried to attack Chrome.

  106. Google Chrome irrompible
    linked on 2010-03-25 @ 14:12 Show Comment

    Ni Safari, ni Internet Explorer ni Firefox soportaron al embate de hackers y expertos en seguridad informática en el concurso anual de seguridad Pwn2Own, que tiene el objetivo de explotar todos los problemas de seguridad que existan en diferentes aplicaciones y smartphones, entre ellos el Nexus One y el iPhone 3Gs.

  107. Safari browser and iPhone hacked in Pwn2Own contest at CanSecWest | Macs in Business | TechRepublic.com
    linked on 2010-03-25 @ 14:17 Show Comment

    Vancouver has been a happening city this year — first the Winter Olympics and now the hacking olympics, otherwise known at the Pwn2Own contest taking place at the CanSecWest Applied Security Conference in lovely British Columbia.

  108. Technology news - Techvibes Blog
    linked on 2010-03-25 @ 14:36 Show Comment

    Charlie Miller, the PWN2OWN winner and security consultant with Independent Security Evaluators, guided the attendees at CanSecWest through “Babysitting an army of monkeys: An analysis of fuzzing four products with 5 lines of Python” today. 

  109. iPhone falls in Pwn2Own hacking contest - Technical News
    linked on 2010-03-25 @ 14:50 Show Comment

    A delayed flight didn’t stop Vincenzo Iozzo and Ralf Weinmann from scoring a cool $15,000, a brand-new iPhone, and a trip to Las Vegas at the annual Pwn2Own hacking contest in Vancouver on Wednesday.

  110. IE8, Safari 4, Firefox 3, iPhone fall on day 1 of Pwn2Own « Digital Asylum
    linked on 2010-03-25 @ 15:13 Show Comment

    The first day of the annual Pwn2Own contest in which security researchers can win cash and hardware if they successfully compromise machines using zero-day exploits is finished. Internet Explorer 8 on Windows 7, Firefox 3 on Windows 7, Safari 4 on Mac OS X 10.6, and iPhone OS 3 were all compromised during the competition. Google’s Chrome was the only browser left standing—and in fact, was completely untested. None of the researchers at the competition even tried to attack Chrome.

  111. iPhone falls in Pwn2Own hacking contest « I.T News & Stuff
    linked on 2010-03-25 @ 16:51 Show Comment

    A delayed flight didn’t stop Vincenzo Iozzo and Ralf Weinmann from scoring a cool US$15,000, a brand-new iPhone and a trip to Las Vegas at the annual Pwn2Own hacking contest in Vancouver on Wednesday.

  112. Safari browser and iPhone hacked in Pwn2Own contest at CanSecWest « Random Chaos
    linked on 2010-03-25 @ 19:09 Show Comment

    Vancouver has been a happening city this year — first the Winter Olympics and now the hacking olympics, otherwise known at the Pwn2Own contest taking place at the CanSecWest Applied Security Conference in lovely British Columbia.

  113. IE8, Safari 4, Firefox 3, iPhone fall on day 1 of Pwn2Own | TechBlogs Today
    linked on 2010-03-25 @ 19:15 Show Comment

    The first day of the annual Pwn2Own contest in which security researchers can win cash and hardware if they successfully compromise machines using zero-day exploits is finished. Internet Explorer 8 on Windows 7, Firefox 3 on Windows 7, Safari 4 on Mac OS X 10.6, and iPhone OS 3 were all compromised during the competition. Google’s Chrome was the only browser left standing—and in fact, was completely untested. None of the researchers at the competition even tried to attack Chrome.

  114. Pwn2Own succesvol. iPhone, Safari, IE8 en Firefox gehacked | Oblivious
    linked on 2010-03-25 @ 19:48 Show Comment

    ObliviousHomeAboutContactSneltoetsen MacPwn2Own succesvol. iPhone, Safari, IE8 en Firefox gehacked March 26th, 2010 No Comments [Translate]Op hackers wedstrijd Pwn2Own is zijn op de eerste dag de iPhone, IE8 en Mozilla Firefox gehacked. Dus we kunnen wel stellen dat de wedstrijd succesvol van start is gegaan.iPhone en SafariHet is 2 hackers (Vincenzo Iozzo and Ralf-Philipp Weinmann) gelukt om de iPhone te hacken en ongemerkt gegevens binnen te halen. ...

  115. Media Blog » Blog Archive » Web Browsers Crushed in ‘Pwn2Own’ Contest
    linked on 2010-03-25 @ 20:16 Show Comment

    Think your web browser is secure? Think again. Nearly every common browser on the web has been compromised as part of the Pwn2Own contest at the annual CanSecWest security conference.

  116. Falling Like Dominoes « Dan's New Blog
    linked on 2010-03-25 @ 21:07 Show Comment

    leave a comment » They’re falling like dominoes at the annual Pwn2own event this year in Vancouver. Some really smart scary guys have managed to hijack Windows 7 PCs via Firefox and IE8 (snort) and a MacBook using Safari. Two of ‘em even hacked an iPhone and downloaded its database of SMS messages. (Yoikes!)

  117. Web Browsers Crushed in ‘Pwn2Own’ Contest - Programming Blog
    linked on 2010-03-25 @ 21:22 Show Comment

    Think your web browser is secure? Think again. Nearly every common browser on the web has been compromised as part of the Pwn2Own contest at the annual CanSecWest security conference.

  118. Web Browsers Crushed in ‘Pwn2Own’ Contest | Web Development News
    linked on 2010-03-25 @ 22:06 Show Comment

    Think your web browser is secure? Think again. Nearly every common browser on the web has been compromised as part of the Pwn2Own contest at the annual CanSecWest security conference.

  119. IE8, Safari 4, Firefox 3, iPhone fall on day 1 of Pwn2Own | Tech News From All Over The Net
    linked on 2010-03-26 @ 00:12 Show Comment

    The first day of the annual Pwn2Own contest in which security researchers can win cash and hardware if they successfully compromise machines using zero-day exploits is finished. Internet Explorer 8 on Windows 7, Firefox 3 on Windows 7, Safari 4 on Mac OS X 10.6, and iPhone OS 3 were all compromised during the competition. Google’s Chrome was the only browser left standing—and in fact, was completely untested. None of the researchers at the competition even tried to attack Chrome.

  120. iPhone Falls At Pwn2Own With 20 Second Exploit | iPhoneBizBlog
    linked on 2010-03-26 @ 00:15 Show Comment

    Wow, we heard rumors that the iPhone would be hit quickly, but not THAT quickly! Pwn2Own is a regular cracking event held at CanSecWest, where white hat hackers race to expose massive vulnerabilities in platforms and browsers, competing for big cash prizes and hardware. Two European security experts — Vincenzo Iozzo and Ralf Philipp Weinmann — sent the iPhone to a website of their devising, which ...

  121. L’iPhone, Safari, Internet Explorer 8 et Firefox, hackés en quelques minutes « Geekophone – Parlons peu, parlons geek
    linked on 2010-03-26 @ 01:42 Show Comment

    Le concours Pwn2Own permet aux experts de la sécurité de montrer leurs talents… et aux éditeurs de corriger les failles de leurs logiciels. Cet évènement regroupe « certains des esprits les plus brillants de la recherche en matière de sécurité », selon les responsables de la compagnie.

  122. iPhone, Safari, IE8 y Firefox sucumben en el primer día de Pwn2Own «
    linked on 2010-03-26 @ 02:45 Show Comment

    blog http://dvlabs.tippingpoint.com/blog/2010/02/15/pwn2own-2010

  123. iPhone spart in 20 de secunde, IE 8 si W7 in 2 minute | CHIP Go Digital Blog
    linked on 2010-03-26 @ 03:50 Show Comment

    Detalii mai multe despre organizare si premiile puse in joc se gasesc aici.

  124. Mac, iPhone, Windows 7, IE8 bucati in pochi minuti. Bonus: rubano tutti gli SMS dal telefonino « Paoblog
    linked on 2010-03-26 @ 04:09 Show Comment

    La gara per smanettoni Pwn2Own, dove chi riesce a prendere il comando da remoto di un computer se lo porta a casa insieme a un premio in denaro, è tornata anche quest’anno in quel di Vancouver, e son botte da orbi per tutti.

  125. Pwn2Own : IE - Down, Safari - Down, Firefox - Down, Chrome - Not Tested | Tech Hamlet
    linked on 2010-03-26 @ 05:07 Show Comment

    Pwn2Own 2010

  126. iPhone als eerste gehacked op Pwn2Own | Mobielbegin.nl
    linked on 2010-03-26 @ 05:14 Show Comment

    Nog geen tien minuten nadat de Pwn2Own-hackerswedstrijd van start ging, wisten Vincenzo Iozzo en Ralf Philipp Weinmann de sms-database van een iPhone uit te lezen. Dit gebeurde door met de browser van de iPhone te surfen naar een vooraf opgezette website, die het voor elkaar kreeg om een stukje code op de telefoon te draaien. Na het binnenhalen van de gegevens crashte de browser. Volgens de hackers zou het echter mogelijk moeten zijn om de exploit zo aan te passen dat de gebruiker niet doorheeft dat er iets aan de hand is.

  127. Internet Explorer And Firefox Exploited At Security Conference
    linked on 2010-03-26 @ 05:37 Show Comment

    ... created 7/6/08 */google_ad_slot = "2528346899";google_ad_width = 336;google_ad_height = 280; If there is one thing that you do not want to read as a web browser user or browser manufacturer it is that your browser has been exploited at a security conference while others have not. The Pwn2Own security conference is a competitive gathering of security experts who try to successfully compromise computer systems using zero-day exploits. The first security researchers to compromise the systems earn cash prizes and hardware.Two of the most popular web browsers have been compromised on day one of the conference. Both Microsoft’s Internet Explorer and Mozilla’s Firefox web browser were compromised on that day meaning that security vulnerabilities exist that have not been patched in the latest versions of the web browsers.No security researcher even tried to exploit the Google Chrome web browser which many attribute to its sandboxing. Apple’s Safari browser was exploited as well and the Opera web browser, was once again, not even included in the contest.Video of Internet Explorer 8 being exploited:Is it safe to say that Google Chrome is the most secure web browser currently? It probably is but that does not mean that there are no exploits for it or that it offers a completely secure environment as Chrome security vulnerabilities have been discovered in the past as well. google_ad_client = "pub-5406364303442190";/* 300x250, created 2/27/09 */google_ad_slot = "1148508964";google_ad_width = 300;google_ad_height = 250; Tags: firefox, google chrome, internet explorer 8, opera, pwn2own, safari, SecurityCategories: Browsing, Google Chrome, Internet Explorer, Security, firefoxPrevious Post: System Information For Windows Pro ReviewNext Post: Related posts:Top 5 Security Plugins For Firefox, Chrome And Internet ExplorerMicrosoft’s Internet Explorer Comparison ChartMicrosoft Internet Explorer Security UpdateInternet Explorer Emergency Patch Download [Security]Microsoft Confirms Internet Explorer Vulnerability [Security]Another Report Finds Internet Explorer 8 To Be The Most Secure Web BrowserF-Secure Exploit Shield Protects Against 0-Day Web Browser ExploitsInternet Explorer Vulnerability FixLeave a Reply   Follow Ghacks   Subscribe To Comment Rss Click here to ...

  128. iPhone, Internet Explorer 8 y Firefox hackeados en Pwn2Own : Noticias2D
    linked on 2010-03-26 @ 06:27 Show Comment

    Un trabajo que les ha tenido la mente ocupada durante varias semanas para realizar uno de los eventos que dejan claro que navegadores deben mejorar y que teléfonos tienen que actualizarse.

  129. Hacktävling - iPhone, IE8, Safari, Firefox hackad men inte Chrome |
    linked on 2010-03-26 @ 06:39 Show Comment

    Pwn2Own är en årlig tävling där experter på säkerhet träffas för att visa upp sina talanger. Och för utvecklare av mjukvaror att ta reda på de säkerhetshål som har upptäckts och korrigera dessa brister i deras mjukvaror. Arrangerat av företaget TippingPoint äger tävlingen rum under säkerhetskonferensen CanSecWest. Enligt arrangörerna deltar ”några av de skarpaste hjärnorna inom säkerhetsforskning”. I potten ligger 100 ooo dollars prispengar delad upp i två kategorier: 40 000 för de som hackar webbläsare och 60 000 för hackning av mobila operativsystem.

  130. Dispatches from Pwn2Own | Apple World
    linked on 2010-03-26 @ 06:51 Show Comment

    A delayed flight didn’t stop Vincenzo Iozzo and Ralf Weinmann from scoring a cool $15,000, a brand-new iPhone and a trip to Las Vegas at the annual Pwn2Own hacking contest in Vancouver on Wednesday.

  131. Sobre competiciones, seguridad y de cómo Linux también es vulnerable | MuyWindows
    linked on 2010-03-26 @ 06:53 Show Comment

    En realidad no en los dos casos. En cuanto a Chrome ninguno de los participantes se molestó en intentar atacar al navegador de Google porque llevaban preparados ataques a otros navegadores para llevarse el premio (dejando desierto, por cierto, un premio de 10.000 dólares). Al parecer existen agujeros de seguridad en Chrome pero demasiado laboriosos de explotar. En el caso de Linux los organizadores no consideran a este sistema operativo suficientemente extendido como para incorporarlo a la competición

  132. IE8, Safari 4, Firefox 3, iPhone fall on day 1 of Pwn2Own « Interesting finds
    linked on 2010-03-26 @ 07:31 Show Comment

    The first day of the annual Pwn2Own contest in which security researchers can win cash and hardware if they successfully compromise machines using zero-day exploits is finished. Internet Explorer 8 on Windows 7, Firefox 3 on Windows 7, Safari 4 on Mac OS X 10.6, and iPhone OS 3 were all compromised during the competition. Google’s Chrome was the only browser left standing—and in fact, was completely untested. None of the researchers at the competition even tried to attack Chrome.

  133. Chrome – zadnji preživeli | zirosi
    linked on 2010-03-26 @ 08:00 Show Comment

    Takšno je poročilo iz nekakšnega hekerskega tekmovanja Pwn2Own 2010.

  134. .:[ d4 n3wS ]:. » Blog Archive » Pwn2Own : Contest targets iPhone, Android, BlackBerry, IE, Firefox and Chrome
    linked on 2010-08-24 @ 23:30 Show Comment

    +infos : http://dvlabs.tippingpoint.com/blog/2010/02/15/pwn2own-2010?

  135. Google Chrome è il browser più stabile è sicuro, parola di Pwn2Own | ciaoblog
    linked on 2010-03-26 @ 11:04 Show Comment

    Ieri notte si è svolta l’annuale competizione di hacking Pwn2wn – parte integrante della conferenza mondiale in tema di sicurezza sul web CanSecWest - e, in occasione del quarto anniversario della gara, il premio in contanti per il miglior hacker dell’anno ammontava a 100.000 dollari.

  136. Hacker Cracks IE8, Safari, Firefox and the iPhone in 2 Minutes | Fusion Outrage
    linked on 2010-03-26 @ 11:18 Show Comment

    The first day of the annual Pwn2Own contest in which security researchers can win cash and hardware if they successfully compromise machines using zero-day exploits is finished. Internet Explorer 8 on Windows 7, Firefox 3 on Windows 7, Safari 4 on Mac OS X 10.6, and iPhone OS 3 were all compromised during the competition.

  137. Pwn2Own 2010: bucati iPhone, Safari, Internet Explorer 8 e Firefox
    linked on 2010-03-26 @ 13:18 Show Comment

    Il bollettino di guerra del Pwn2Own 2010 è impietoso: i browser più diffusi sono stati bucati al primo colpo. Safari, Internet Explorer 8, Firefox hanno resistito pochi secondi. L’unico browser a essere rimasto indenne è Chrome, a dimostrazione che l’isolamento dei processi è servito a Google per rendere davvero più sicuro della concorrenza il proprio software.

  138. Hackers don’t even attempt to crack Chrome | Tech Hype
    linked on 2010-03-26 @ 13:37 Show Comment

    This year the Pwn2own hacker competition is being held in Vancouver.  They have alloted $40,000 for their web browser section with each browser worth $10,000.  The four browsers will be Internet Explorer, Firefox, Chrome and Safari.  Now, i think you could pretty much guess how they would fair, but the big shocker was Chrome.  The other browsers were hacked in the first day, but Chrome wasn’t even attempted.

  139. De nuevo hackearon el Iphone | I Beat mX
    linked on 2010-03-26 @ 13:53 Show Comment

    El concurso de hackers Pwn2Own, celebrado en Canadá, ha sido demoledor para los navegadores y el iPhone. Han sucumbido a sus ataques. El citado concurso se celebra en el marco de una conferencia sobre seguridad informática y pretende denunciar la fragilidad de los sistemas informáticos. Los organizadores proponen unos objetivos y unos premios económicos que pueden llegar a los 15.000 dólares. Casi todos los trofeos fueron conseguidos.

  140. Internet Explorer And Firefox Exploited At Security Conference | TechZond
    linked on 2010-03-26 @ 14:07 Show Comment

    ... feed for updates on this topic.Powered by WP Greet BoxIf there is one thing that you do not want to read as a web browser user or browser manufacturer it is that your browser has been exploited at a security conference while others have not. The Pwn2Own security conference is a competitive gathering of security experts who try to successfully compromise computer systems using zero-day exploits. The first security researchers to compromise the systems earn cash prizes and hardware.

  141. iPhone, IE8, y Firefox ‘caen’ en un concurso de ‘hackers’ - ::VeneActual:: - ::Noticias::Tecnologia::Cine::TV::Farandula::Eventos::Entretenimiento::Y Mucho Mas en Venezuela!!!
    linked on 2010-03-26 @ 14:28 Show Comment

    El concurso de hackers Pwn2Own, celebrado en Canadá, ha sido demoledor para los navegadores y el iPhone. Han sucumbido a sus ataques. El citado concurso se celebra en el marco de una conferencia sobre seguridad informática y pretende denunciar la fragilidad de los sistemas informáticos. Los organizadores proponen unos objetivos y unos premios económicos que pueden llegar a los 15.000 dólares. Casi todos los trofeos fueron conseguidos.

  142. FireFox 3.6.3: khóa lỗi "Pwn2own"
    linked on 2010-04-06 @ 01:43 Show Comment

    ... tiền 10.000 USD từ nhà tài trợ 3Com TippingPoint. Pwn2own năm nay có thi tấn công vào các dòng smartphone cụ thể là Apple iPhone 3GS, RIM Blackberry Bold 9700, Nokia E72 dùng Symbian, HTC Nexus One dùng Android. Thông tin về Pwn2Own có thể tham khảo tại đây. Kế đến là “số phận” của trình duyệt Internet Explorer 8. Nhà nghiên cứu an ninh đến từ Hà Lan Peter Vreugdenhil đã thành công trong việc phá vỡ “phòng tuyến” của IE. Vreugdenhil thực thi một cuộc tấn công 4 lớp nhờ vào giải pháp vô hiệu hóa DEP (Data Excution Prevention) và ASLR (Address Space Layout), hai trong số các tính năng bảo mật mạnh mẽ nhất của Windows 7, sau khi máy tính của ban tổ chức truy cập trang web chứa mã độc. Vreugdenhil tuyên bố mình mất chưa đến một tuần để viết ra mã. Tiếp đến, chuyên gia có bí danh Nils từ MWR InfoSecurity đã thành công trong việc tấn công “Cáo lửa” thế hệ 3 trên Windows 7 phiên bản 64 bit, nhờ vào tiện ích calc.exe có sẵn trên máy, mặc dù hacker tuyên bố mình có thể “bắt chết” từ bất kỳ tiến trình nào của hệ thống để tiến hành khai thác. Sử dụng “yếu huyệt” từ lỗi bộ nhớ để tấn công, nhưng Nils cũng sử dụng các phương pháp tấn công nhằm vào cơ chế bảo mật DEP và ASLR như Peter đã dùng để tấn công IE8. Lỗi được Mozilla đánh giá ở cấp độ nguy hiểm nhất trong 4 bậc mức độ lỗi. Theo tiết lộ của chuyên gia này, anh chỉ mất vài ngày để thiết kế ra mã độc tấn công. Hiện Nils là sinh viên Trường đại học Oldenburg, Đức, người từng giành chiến thắng vang dội trước IE8, Safari, Firefox trong cuộc thi Pwn2Own năm ngoái. (Xem video clip tại đây) Google Chrome là trình duyệt duy nhất còn an toàn vì hầu hết các hacker đều... chào thua trong việc khai thác điểm yếu phát hiện được. Tất cả các “đấu sĩ” giành phần thắng tại cuộc thi đều được nhận giải thưởng trị giá 10.000 USD kèm với chiếc laptop đã bị hack gồm có: Apple Macbook Pro 15", HP Envy Beats 15", Sony Vaio 13", và Alienware M11x. FireFox đòi lại thị phần đã mất Thị trường trình duyệt web có một số thay đổi khi FireFox lần đầu tiên trong nhiều tháng đạt 24,5% thị phần, theo số liệu thống kê 40.000 website mà hãng nghiên cứu thị trường NetApplications.com theo dõi vào cuối tháng 3-2010. Tuy vậy, thị phần FireFox đã sụt giảm so với tháng 11-2009 khi “Cáo lửa” nắm giữ 24,8%. Thống kê từ NetApplications tháng 4-2010 Trong khi đó, Mozilla lại công bố bảng thống kê riêng của mình và cho thấy FireFox hiện đang “rất được ưa chuộng” khi nắm giữ gần 30% thị phần trình duyệt trên toàn cầu và 40% tại thị trường châu Âu, tương đương 152,7 triệu người dùng. “Kẻ chiếm đoạt” không ai khác chính là Google Chrome. Trình duyệt “bé hạt tiêu” đang trỗi dậy với 6,1%, tăng 0,5%. Anh em nhà IE với các phiên bản IE6, IE7 và IE8 hiện nắm 60,7%, sụt giảm 0,9% so với tháng trước. Safari của Apple nhích lên đôi chút khi nắm giữ 4,7% và Opera là 2,4%. Opera đã thật sự lột xác từ phiên bản Opera 10.5x, tốc độ tải cải thiện đáng kể và gần như nhanh nhất hiện nay. Trở ngại hiện có là phần add-on khá ít so với kho add-on đồ sộ của Mozilla FireFox. “Bong bóng” trình duyệt, cửa sổ cho phép người dùng Windows tại châu Âu chọn lựa loại trình duyệt tùy ý để cài đặt, đã giúp một số loại trình duyệt như Chrome và Opera có thêm thị phần từ ngay trong ngôi nhà Windows của Internet Explorer. Nhìn chung, thị trường trình duyệt còn đang lắng đọng chờ “quả bom” Internet Explorer 9 châm ngòi vào cuối năm nay. Trả lời với trích dẫn   ...

  143. Roundtable: Apple iPad and Security vs. Freedom
    linked on 2010-04-07 @ 11:23 Show Comment

    After being hacked easily in 2009 Apple tried to do better in the 2010 Pwn2Own browser-hacking competition. Less than two weeks before the event Apple pushed out a Safari update that patched 16 vulnerabilities.

  144. Chrome safest browser? « PC repair
    linked on 2010-04-07 @ 16:25 Show Comment

    Further reading from the pwn2own organizers Search

  145. Chrome Safest Browser? « PC Rescue
    linked on 2010-04-07 @ 17:59 Show Comment

    Further reading from the pwn2own organizers Possibly related posts: (automatically generated)E-commerce security hole, SSL weaknessOne-in-four hackers runs Opera to ward off other criminalsiPhone, Firefox, Safari, IE8 Hacked at Pwn2Own Contest Posted in 1. Leave a Comment »

  146. Chrome Browser–Unhacked - Gadgetwise Blog - NYTimes.com
    linked on 2010-04-08 @ 09:03 Show Comment

    Late last month, another kind of games was held in Vancouver: the Pwn2Own contest, where computer-security researchers were invited to hack computers using unknown, or “zero-day,” vulnerabilities in Web browsers.

  147. Use Chase Bank? They Think IE6 Is More Secure Than Chrome – Be Afraid | winextra
    linked on 2010-06-29 @ 12:05 Show Comment

    Far be it from me to point out the idiocy of this decision by Chase, to the readers of WinExtra. You guys already know that Chrome is the fastest growing browser and is the only browser to remain unhacked during annual Pwn2Own competition.

  148. Mozilla offre 3 000 dollars pour chaque faille critique découverte - Faiçal Le Presque Direct
    linked on 2010-07-17 @ 08:17 Show Comment

    C’est notamment le cas avec le concours Pwn2Own qui propose, en cumulant toutes les sommes, jusqu’à 100 000 dollars de prix. Dans ces conditions, il n’est donc pas surprenant que Mozilla augmente ses récompenses, pour éviter que des failles critiques ne soient pas colmatées, mais aussi pour s’épargner une mauvaise presse dans des concours où la sécurité des navigateurs risque d’être quelque peu bousculée :Mozilla offre 3 000 dollars pour chaque faille critique découverte

  149. iPhone will be first mobile device to fall at Pwn2Own 2010 | Wordinvestor
    linked on 2010-09-16 @ 13:54 Show Comment

    ... $('.dd-fblike-3204').remove();$('.DD_FBLIKE_AJAX_3204').attr('width','450');$('.DD_FBLIKE_AJAX_3204').attr('height','25');$('.DD_FBLIKE_AJAX_3204').attr('src','http://www.facebook.com/plugins/like.php?href=http://wordinvestor.com/2010/03/iphone-will-be-first-mobile-device-to-fall-at-pwn2own-2010/&show_faces=false'); }); } function loadDelicious_3204(){ jQuery(document).ready(function($) { $('.dd-delicious-3204').remove();$('.delicious-normal-img,.delicious-compact-img').show();$.getJSON('http://feeds.delicious.com/v2/json/urlinfo/data?url=http://wordinvestor.com/2010/03/iphone-will-be-first-mobile-device-to-fall-at-pwn2own-2010/&callback=?',function(data) {var msg ='';var count = 0;if (data.length 0) {count = data[0].total_posts;if(count ==0){msg = 'Save';}else if(count ==1){msg = '1 save';}else{msg = count + ' saves'}}else{msg = 'Save';}$('#DD_DELICIOUS_AJAX_3204').text(msg);}); }); } function loadSphinn_3204(){ jQuery(document).ready(function($) { $('.dd-sphinn-3204').remove();$('.DD_SPHINN_AJAX_3204').attr('width','54');$('.DD_SPHINN_AJAX_3204').attr('height','71');$('.DD_SPHINN_AJAX_3204').attr('src','http://sphinn.com/evb/url.php?url=http://wordinvestor.com/2010/03/iphone-will-be-first-mobile-device-to-fall-at-pwn2own-2010/'); }); }The fourth annual Pwn2Own contest—which takes place at the CanSecWest security conference every year—kicks off next week. Like last year, 2010′s contest will offer security experts and hackers the chance to “pwn” a number of mobile platforms in addition to various browser/OS combinations. Though no mobile devices were successfully hacked last year, expectations are high that the iPhone will go down in this year’s contest. ...

  150. And the browser losers are … | Skicat56's Blog
    linked on 2010-09-15 @ 15:01 Show Comment

    While Firefox and Safari may be better than IE, these Web browsers didn’t last very long either. As for Google’s own Web browser, at this point, it’s seemed no one’s even tried to bust Chrome according to the group sponsoring the contest, the TippingPoint’s ZDI (Zero Day Initiative).

  151. Got an iPhone? There’s an App for Hacking That - house of articles, news, product description and reviews
    linked on 2010-08-14 @ 13:50 Show Comment

    JailbreakMe “shows exactly the threat scenario that mobile phones can face,” adds Vincenzo Iozzo, an engineer for Zynamics. Iozzo was part of a team that won an iPhone hacking contest earlier this year at the CanSecWest security conference in Vancouver. He explains that smart phones are often protected by a technology known as “sandboxing,” which is supposed to isolate some functionality in the phone from installed software, thus preventing attackers from gaining total control. JailbreakMe bypasses sandboxing, demonstrating a serious threat to the device.


Trackback