TippingPoint Digital Vaccine Laboratories
DID YOU KNOW... DVLabs and our Zero Day Initiative were credited with discovering 17 Microsoft vulnerabilities in 2006 alone.

Announcing Pwn2Own 2011



It's that time of year again and the Zero Day Initiative (ZDI) team here at HP TippingPoint is proud to announce the 5th annual Pwn2Own competition is back. We have some exciting additions this year including the first ever vendor sponsorship, new attack surfaces, and even more prizes for competitors. If you're unfamiliar with the contest you can take a look at the archived blog posts from 2008, 2009, and 2010.

Last year the contest was a great success, with three of the four browsers successfully compromised as well as the Apple iPhone. As you may all be aware, after Peter Vreugdenhil demonstrated his IE8 hack last year, we relocated him from the Netherlands to join our team. This year Peter will be participating officially as a Pwn2Own judge.

As mentioned previously, we've upped the ante this time around and the total cash pool allotted for prizes has risen to a whopping $125,000 USD. While HP TippingPoint is funding $105,000 of that, we've partnered with Google who has generously offered up $20,000 to the researcher who can best their Chrome browser. Kudos to the Google security team for taking the initiative to approach us on this; we're always in favor of rewarding security researchers for the work they too-often do for free.

Overview


Similarly to last year the competition will focus on two main technologies: web browsers and mobile devices. Staying true to the original intent of the Pwn2Own contest we intend to empirically demonstrate the current security posture of the most prevalent products in use today.

Following the Contest


The contest will be taking place on the 9th, 10th, and 11th of March, 2011 in Vancouver, BC during the CanSecWest conference. This blog post will be updated as the contest plays out, but for real-time updates you can follow either @thezdi or myself on twitter or search for the hashtag #pwn2own.

Please direct all press inquiries for HP TippingPoint/ZDI to: Jacinda Mein <JacindaAnn.Mein@bm.com> or Arseny Tseytlin <Arseny.Tseytlin@bm.com>

Registration


Pre-registration has closed. On-site registration is still available if the targets have not been compromised.
Each contestant will have a 30-minute time slot in which to complete their attempt (not counting time to set up possible network or device pre-requisites).

Target: Web Browsers


This year the web browser targets will be the latest release candidate (at the time of the contest) of the following products:

  • Microsoft Internet Explorer
  • Apple Safari
  • Mozilla Firefox
  • Google Chrome

Each browser will be installed on a 64-bit system running the latest version of either OS X or Windows 7.

The laptop prizes include:

  • Sony Vaio running Windows 7
  • Alienware m11x running Windows 7
  • Apple MacBook Air 13" running Mac OS X Snow Leopard
  • Google CR-48 running ChromeOS (no attacks against this device, it is merely a prize. The Chrome target will be running on the other laptops)

A successful hack of IE, Safari, or Firefox will net the competitor a $15,000 USD cash prize, the laptop itself, and 20,000 ZDI reward points which immediately qualifies them for Silver standing. Benefits of ZDI Silver standing include a one-time $5,000 USD cash payment, 15% monetary bonus on all ZDI submissions in 2011, 25% reward point bonus on all ZDI submissions in 2011 and paid travel and registration to attend the DEFCON Conference in Las Vegas.

As for Chrome, the contest will be a two-part one. On day 1, Google will offer $20,000 USD and the CR-48 if a contestant can pop the browser and escape the sandbox using vulnerabilities purely present in Google-written code. If competitors are unsuccessful, on day 2 and 3 the ZDI will offer $10,000 USD for a sandbox escape in non-Google code and Google will offer $10,000 USD for the Chrome bug. Either way, plugins other than the built-in PDF support are out of scope.

Target: Mobile Phones


This year we are excited to announce we have increased the attack surface eligible for a successful hack against the mobile phone targets. We will have a base station on-site so that competitors will be able to perform attacks against the cell phone basebands. Due to the sensitive nature of the vulnerabilities we expect and the fact that an attack would require the exploit to be transmitted over RF, we will have this nifty RF enclosure from Ramsey Electronics on hand for testing:







This device has a built-in video recording feature and we plan on publishing the feed after the contest has ended.

The following are the target mobile devices for the contest:

  • Dell Venue Pro running Windows 7
  • iPhone 4 running iOS
  • Blackberry Torch 9800 running Blackberry 6 OS
  • Nexus S running Android


A successful attack against these devices must require little to no user interaction and must compromise useful data from the phone. Any attack that can incur cost upon the owner of the device (such as silently calling long-distance numbers, eavesdropping on conversations, and so forth) is within scope.

A successful compromise of any of these targets will win the contestant a cash prize of $15,000 USD, the device itself, and 20,000 ZDI reward points which immediately qualifies them for Silver standing. Benefits of ZDI Silver standing include a one-time $5,000 USD cash payment, 15% monetary bonus on all ZDI submissions in 2011, 25% reward point bonus on all ZDI submissions in 2011 and paid travel and registration to attend the DEFCON Conference in Las Vegas.

Time Slots


  • Apple Safari: VUPEN, Anon_07, Team Anon, Charlie Miller
  • Mozilla Firefox: Sam Thomas, Anonymous_1
  • Microsoft Internet Explorer: Stephen Fewer, VUPEN, Sam Thomas
  • Google Chrome: Moatz Khader, Team Anon

  • Apple iPhone: Anon_07, Dion Blazakis and Charlie Miller, Team Anon, Anonymous_1
  • RIM Blackberry: Anonymous_1, Team Anon
  • Samsung Nexus S: Jon Oberheide, Anonymous_1, Anon_07, Team Anonymous
  • Dell Venue: George Hotz, Team Anonymous, Anonymous_1


Competition Results


  • Microsoft Internet Explorer: Stephen Fewer
  • Apple Safari: VUPEN
  • Apple iPhone: Charlie Miller and Dion Blazakis
  • RIM BlackBerry: Vincenzo Iozzo, Willem Pinckaers and Ralf-Philip Weinmann




Tags:
Published On: 2011-02-02 15:57:08

Comments post a comment

  1. Anonymous commented on 2011-02-03 @ 07:03

    Care to explain absence of a Liinux based system? Why is it that there already was a Linux based distro and has since then greatly increased it's popularity. Why the absence of Linux?
    I understand that there are hundreds of distros but you can simple get two or one of the most popular and hack this? Choose Ubuntu or Fedora and we are done with whining...

  2. civil corner commented on 2011-02-04 @ 02:10

    i will join,
    the feedback is fantastic

  3. Anonymous commented on 2011-02-04 @ 15:45

    Could you please include Opera next time or add it for this contest real quick. It'd be good to attack an engine that is rarely touched.

  4. Anonymous commented on 2011-02-05 @ 18:43

    I love this.

  5. Anonymous commented on 2011-02-05 @ 20:34

    Is it only open to conference attendees?
    Can one competitor try multiple browsers and eventually win multiple prizes?

  6. Monny77 commented on 2011-02-09 @ 05:17

    Definitely an interesting contest and like every year the results as well as look!!!

  7. GBleezy commented on 2011-02-09 @ 07:24

    Nobody really uses Opera, so it's really not that cool of a thing to be hacking I'd think. It seems this contest is geared more towards rooting out real world threats that that would effect the majority of people would be interested in, including both the h4x0rz and the Sux0rz (the people that just want their thing to work)

  8. Anonymous commented on 2011-02-09 @ 19:26

    I wonder if Google will update Chrome again a day before the competition. ;)

  9. Anonymous commented on 2011-02-10 @ 15:51

    Nobody cares about linux distros, they've proven they can't get their act together into one stable build. Instead they drop out 100's of non-standardized turdlets that are a nightmare to support and deal with. The best thing that could happen in the linux community is A.) Get together and work on one well refined distro or B.) Just go away, we'll use unix or windows.

  10. Anonymous commented on 2011-02-10 @ 22:47

    i do think google will update Chrome. I use opera

  11. Anonymous commented on 2011-02-12 @ 17:13

    ??? "nobody cares bout linux distros? maybe not on a desktop level, but they certainly do on a server level. I would certainly like to see Charlie Miller (or anyone) aim his guns at Red Hat, Suse, or something.

    and I think it's more popular than unix. Mind you, i don't consider OS X unix. Yeah, it's a variant, but it's not unix in the true sense of the o/s. FreeBSD is unix,Solaris is unix...and there are distros of Linux on their own that are more popular than those two combined.

  12. Anonymous commented on 2011-02-12 @ 17:16

    I'm very interested to see the smartphone results. I'm curious is BB will stand up to the challenge; also, with all of the talk/support lately about bringing iPhones in, I'm curious how susceptible they are (not to mention, this recent news: http://threatpost.com/en_us/blogs/how-recover-iphone-passwords-six-minutes-021011

    I expect Droid and Win7 to fall within minutes. Droid has too many holes, and win7 is too new to have the security kinks worked out.

  13. Anonymous commented on 2011-03-05 @ 22:34

    Is Google Chrome going to be tested on OS X? I've always wondered how that would turn out...

  14. Anonymous commented on 2011-03-06 @ 13:45

    no linux AGAIN. Puuuurlease.

  15. Anonymous commented on 2011-03-07 @ 14:00

    To make the contest more fair, why not make sure that whatever computer you crack can be exchanged for any of the other models available. So if one particular KIND of notebook or device is more desirable than the rest, it won't fall first just because of that.

  16. crypt commented on 2011-03-10 @ 10:36

    People who think Linux and Opera are not worth to be consider are really snobbish and don't see farther their nose. I suggest them to look on the other side of the globe.

  17. Ravi Kishor Shakya commented on 2011-03-10 @ 22:03

    i m xtremely interested to learn how they go abt thrashing these browsers. any stepwise account of that?

  18. Thierry commented on 2011-03-11 @ 03:44

    What about the most widely used mobilephone OS "Symbian" ?

  19. minneapolis handyman commented on 2011-03-11 @ 11:29

    This year Peter will be participating officially as a Pwn2Own judge.

  20. Anonymous commented on 2011-03-13 @ 05:32

    Nobody showed to hack Chrome because they knew they couldn't.

  21. Anonymous commented on 2011-06-18 @ 17:13

    i've used Opera for years purely for it's almost anonymity (and simplicity of use). it is constantly regarded as very safe, not only for it's build but cos as said earlier, no one targets it.
    i don't look forward to the day when it reaches critical mass.

  22. Logo Design commented on 2011-06-21 @ 08:38

    Wow, Its interesting and useful for all. I like it so much .

  23. diseño web commented on 2011-06-27 @ 11:13

    ??? "nobody cares bout linux distros? maybe not on a desktop level, but they certainly do on a server level. I would certainly like to see Charlie Miller (or anyone) aim his guns at Red Hat, Suse, or something.

    and I think it's more popular than unix. Mind you, i don't consider OS X unix. Yeah, it's a variant, but it's not unix in the true sense of the o/s. FreeBSD is unix,Solaris is unix...and there are distros of Linux on their own that are more popular than those two combined.

  24. resume writing service commented on 2011-07-05 @ 15:05

    Interesting post. I liked the poit about mobiles and browser.. thanks

  25. Jesus Castillo - Culturismo sinTonterias commented on 2011-07-17 @ 15:53

    To make the contest more fair, why not make sure that whatever computer you crack can be exchanged for any of the other models available.

  26. Custom Logo Design commented on 2011-08-02 @ 17:48

    Article is extremely nicely written and, I’m pleased to find a lot of helpful information within the publish, thank you for discussing it here. I think you’ll will be adding more.

  27. dell computers commented on 2011-08-05 @ 02:30

    You clearly know so much about the subject, you’ve covered so many bases. Great stuff from this part of the internet. Again, thank you for this blog.

  28. bestdating commented on 2011-08-12 @ 10:14

    I could probably hack most of the devices out there but then would it be hacked or would I be hacked? So many of the true Hackers may not reveal themselves here.

  29. Jesus Castillo | Culturismo sin Tonterias commented on 2011-08-16 @ 12:31

    Great website. People who think Linux and Opera are not worth to be consider are really snobbish and don't see farther their nose.

  30. Anonymous commented on 2011-10-02 @ 21:12

    hi love this post too much and Thanks for post it.

  31. Shirna commented on 2011-10-16 @ 12:04

    I will look forward to this one and hope to have more to come.

  32. Frank commented on 2011-10-18 @ 20:00

    browser if it is I'll stay forever with Mozilla Firefox is the most efficient and there are a lot of plugin to help us a lot at work, Google Chrome cache loads very much!

  33. Monywo commented on 2011-10-24 @ 03:26

    Link to the mobile world, only say it's the most important communication way. Why don't say A successful attack against these devices must require little to no user interaction and must compromise useful data from the phone. I like this.

  34. Frank commented on 2011-10-27 @ 05:02

    I liked this very interesting and I want to continue to prepare for this thanks.

  35. Anonymous commented on 2011-10-28 @ 02:40

    I really have to admit it’s quite a novelty to arrive at a relatively ‘different’ blog like this, great job. I expect I’ll be coming back fairly soon and I look forward to reading your next post when I do.

  36. Samsung Galaxy Note Review commented on 2011-11-19 @ 23:50

    You should do another test with some of these later models coming out. Should be interesting. What do ya think?

  37. Victoria commented on 2011-12-06 @ 13:47

    Very interesting results! The competition was pretty fierce.

  38. adoia commented on 2011-12-09 @ 18:22

    Chrome very Nice:)

  39. owen commented on 2011-12-17 @ 15:17

    Last year i really enjoyed the contest.It good to know that 5th annual Pwn2Own competition is back again.I hope this will be fun again.


Links To This Post

  1. Hackerwettbewerb: Google zahlt 20.000 Dollar fr Chrome-Sandbox-Exploit - Security | News | ZDNet.de
    linked on 2011-02-03 @ 04:11 Show Comment

    TippingPoint hat den Hackerwettbewerb Pwn2Own 2011 angekndigt, der vom 9. bis 11. Mrz im kanadischen Vancouver stattfinden wird. Zu den Sponsoren zhlt in diesem Jahr Google. Das Unternehmen stellt ein Preisgeld von 20.000 Dollar zu Verfgung, das derjenige erhlt, der einen Exploit in Chrome findet und die Kontrolle ber ein Cr-48-Chrome-Netbook bernehmen kann.

  2. Pwn2Own 2011: Google offering $20,000 for Chrome sandbox exploit | ZDNet
    linked on 2011-02-02 @ 17:06 Show Comment

    Kernel bugs and plugins other than the built-in PDF support are all out of scope for Chrome, TippingPoint ZDI said.

  3. Pwn2Own 2011: Google offering $20,000 for Chrome sandbox exploit | ZDNet
    linked on 2011-02-02 @ 17:06 Show Comment

    Kernel bugs and plugins other than the built-in PDF support are all out of scope for Chrome, TippingPoint ZDI said.

  4. Hack Chrome And Get A CR48 Notebook and $20000 In Prize | Chrome Story
    linked on 2011-02-03 @ 04:31 Show Comment

    Cr48 is not a target in this competition. Hackers will have to break chrome browser on windows 7 machines to win and CR48 notebook is only a part of the prize.  Here is the highlight from the blogpost. Google CR-48 running ChromeOS (no attacks against this device, it is merely a prize. The Chrome target will be running on the other laptops) As for Chrome, the contest will be a two-part one. On day 1, Google will offer $20,000 USD and the CR-48 if a contestant ...

  5. Batalla de seguridad de navegadores en CanSecWest, concurso Pwn2Own | MuySeguridad
    linked on 2011-02-03 @ 04:41 Show Comment

    Para la fecha en la que se llevará a cabo, es muy probable que las versiones de los navegadores sean IE9 RC, Chrome 10, Firefox 4.0. Los portátiles que serán objetivo de los ataques será un Sony Vaio con Windows 7, Alienware m11x con Windows 7, MacBook Air con Mac OS X Snow Leopard, y Google CR-48  con Chrome OS -sólo como regalo-.

  6. Google bets $20K that Chrome can't be hacked Tech Blogged | Tech Blogged
    linked on 2011-02-03 @ 06:56 Show Comment

    TippingPoint, which is again sponsoring Pwn2Own, set the contest’s rules Wednesday in a blog post written by Portnoy.

  7. Nexus S to take on hackers at Pwn2Own 2011 contest | The Android Site
    linked on 2011-02-03 @ 07:10 Show Comment

    For full details go visit the DV Labs blog. Related Posts:Android Joining This Year’s Pwn2Own ContestNexus One and Nexus S getting OTA updates now, fixes SMS bugAndroid ported to the Chrome OS CR-48 notebook

  8. Google paga US$ 20 mil a quem conseguir hackear o Chrome
    linked on 2011-02-03 @ 07:26 Show Comment

    A Tipping Point, que mais uma vez patrocina o concurso, divulgou as regras da competição na quarta-feira (2/2), em seu blog.

  9. Pwn2Own 2011: Extra prize for Chrome hack
    linked on 2011-02-03 @ 07:31 Show Comment

    ... managed to inject and execute code via a vulnerability. The most recent similar hole in Chrome was closed in mid-January the developer who discovered it received $3133.7 for his find. Organised by the Zero Day Initiative (ZDI) team at security researchers TippingPoint, the Pwn2Own 2011 contest offers a further $105,000 for security holes found in Internet Explorer, Safari and Firefox, as well as in Windows Phone 7, iOS, Blackberry 6 and Android, that allow malicious code to be injected and executed. Holes in Symbian have been dropped from the program this year. For the first time, contestants have also been invited to attack potential firmware holes in wireless modules. Often called "baseband", this hardware includes such components as GSM and UMTS transmitters and receivers, as well as modulators and demodulators, and is implemented via a special processor. The attacks are to reveal holes in the relevant firmware, for instance in the GSM stack. At the recent Black Hat conference, Ralf-Philipp Weinmann already demonstrated how to use specially crafted GSM packets to inject code into the baseband processor and execute it there independently of the smartphone operating system in use on the device. ...

  10. Google Puts $20,000 Bounty On Chrome In Hacking Contest « SaaS Newswire
    linked on 2011-02-03 @ 07:37 Show Comment

    At the Pwn2Own contest next month, Google  will offer $20,000 to the first security researcher who can gain full control of a laptop running its Chrome Browser, a task that requires defeating the software’s sandbox protections, measures designed to isolate an attack within the browser and prevent it from accessing the ...

  11. Google paga US$ 20 mil a quem conseguir hackear o Chrome | Variedades
    linked on 2011-02-03 @ 07:40 Show Comment

    A Tipping Point, que mais uma vez patrocina o concurso, divulgou as regras da competição na quarta-feira (2/2), em seu blog.

  12. Google Offers $20,000 and a Laptop for a Chrome Hack | TheNewAdmin
    linked on 2011-02-03 @ 10:27 Show Comment

    Organized by the Zero Day Initiative (ZDI) team at HP TippingPoint, the contest offers further prizes totaling $105,000 for successful hacks on Microsoft Internet Explorer, Apple Safari and Mozilla Firefox, as well as these mobile phones: Dell Venue Pro running Windows 7, iPhone 4 running iOS, Blackberry Torch 9800 running Blackberry 6 OS and Nexus S running Android.

  13. Google Offers $20K To Anyone Who Can Hack Google Chrome - Techland - TIME.com
    linked on 2011-02-03 @ 11:08 Show Comment

    The hacks will have to be made to Chrome Web browser's running on the latest 64-bit release of either Windows 7 or Mac OS X. Contest rules state that the hack must “must include a sandbox escape,” which means whatever the hack weakens may be combined with another security flaw that must be written in Google code to cause the whole system to crumble. (Chrome supposedly has built-in sandbox protection. According to PC World, ...

  14. Think you can hack Chrome? Google has $20K with your name on it! | ZDNet
    linked on 2011-02-03 @ 08:14 Show Comment

    Here are the details: As mentioned previously, we’ve upped the ante this time around and the total cash pool allotted for prizes has risen to a whopping $125,000 USD. While HP TippingPoint is funding $105,000 of that, we’ve partnered with Google who has generously offered up $20,000 to the researcher who can best their Chrome browser. Kudos to the Google security team for taking the initiative to approach us on this; we’re always in favor of rewarding security researchers for the work they too-often do for free.

  15. Win $20K if You can Hack Chrome! | Pwnday 2011 | Webscopia
    linked on 2011-02-03 @ 10:21 Show Comment

    Portnoy announced the rules of this years Pwnday in a blog post. The main aim behind this day is to help manufacturers find vulnerabilities in their software and programming. Hacking Chrome is more difficult than it sounds. Chrome’s sandbox quality makes it a more arduous process than usual. Sandbox is an anti exploit defense that makes it nearly impossible ...

  16. Google offers $20,000 for successful Cr-48 Chrome OS hack at Pwn2Own 2011 | Daily World Events
    linked on 2011-02-03 @ 09:07 Show Comment

    Google isn’t just bringing the Chrome Browser to Pwn2Own 2011 — this time, it’s also bringing its own hardware. The Cr-48 Chrome OS laptop will be on hand for the browser exploiting hullabaloo, and Google is offering $20,000 for a successful exploit. According to the event’s organizer, the attacker will also need to escape Chrome’s sandbox. At last year’s event, prominent researcher Charlie Miller said that’s no easy task, so we’re very curious to see whether someone will succeed this time around.

  17. Google Tempts Hackers With $20,000 Prize| Rodney Payne
    linked on 2011-02-03 @ 10:31 Show Comment

    Aaron Portnoy, Manager of the Security Research Team at TippingPoint Technologies (which is behind the event), explained in an official blog post, "[W]e’ve partnered with Google who has generously offered up $20,000 to the researcher who can best their Chrome browser."

  18. Information Technology Leader - Google Serves Up $20,000 Chrome Exploit Challenge
    linked on 2011-02-03 @ 10:16 Show Comment

    In the grand scheme of things, relatively few people ever claim $20,000 for a day’s worth of work. You can be one of them, provided you put your hacker hat on and attend the Pwn2Own contest next month. Google’s challenge is this: Be the first to “pop [the Cr-48's Chrome] browser and escape the sandbox using vulnerabilities purely present in Google-written code” and the bounty, as well as the laptop, are both yours to keep, TippingPoint said in a blog post.

  19. Компания Google намерена выплатить 20 тыс. долларов за взлом браузера Chrome | AllUNIX.ru – Всероссийский портал о UNIX-системах
    linked on 2011-02-03 @ 10:21 Show Comment

    В преддверии мартовской конференции Pwn2Own, на которой состоится традиционное соревнование по взлому популярных web-браузеров, компания Google учредила специальный приз в размере 20 тыс. долларов, который будет вручен любому участнику, продемонстрировавшему способ эксплуатации системы через взлом web-браузера Chrome. Общий призовой фонд конкурса в этом году составит 125 тыс. долларов.

  20. Notícia: Google paga US$ 20 mil a quem conseguir hackear o Chrome | Notícias
    linked on 2011-02-03 @ 09:16 Show Comment

    A Tipping Point, que mais uma vez patrocina o concurso, divulgou as regras da competição na quarta-feira (2/2), em seu blog.

  21. Google Puts $20,000 Bounty On Chrome In Hacking Contest - Andy Greenberg - The Firewall - Forbes
    linked on 2011-02-03 @ 09:20 Show Comment

    At the Pwn2Own contest next month, Google  will offer $20,000 to the first security researcher who can gain full control of a laptop running its Chrome Browser, a task that requires defeating the software’s sandbox protections, measures designed to isolate an attack within the browser and prevent it from accessing the ...

  22. Google Ups The Ante At Pwn2Own 2011 Offers $20k For Chrome Hack | Geek News
    linked on 2011-02-03 @ 10:26 Show Comment

    ... Hack Google reportedly raised the stakes for this years Pwn2Own hacking contest, offering up an additional $20,000 for anyone that successfully hacks into Google Chrome. Organized by the Zero Day Initiative (ZDI) team at security researchers TippingPoint, the 5th annual Pwn2Own 2011 contest pits security teams against some of your favors operating systems equipped with the webs best browsers as well as some of our favorite smartphones. This year the contest will offer up to $125,000 in prizes ($105k plus Google's bonus) for the teams that find and exploit security holes in Internet Explorer, Safari and Firefox, as well as in Windows Phone 7, iOS, Blackberry 6 and Android. To walk off with Google's $20,000 the researchers must ...

  23. Google Gambles $20k that Chrome Can’t be Cracked « facedone
    linked on 2011-02-03 @ 09:51 Show Comment

    According to posted details about the Pwn2Own contest, a successful attack against Chrome will be measured over a few days. “On day 1, Google will offer $20,000 USD and the CR-48 if a contestant can pop the browser and escape the sandbox using vulnerabilities purely present in Google-written code. If competitors are unsuccessful, on day 2 and 3 the ZDI will offer $10,000 USD for a sandbox escape in non-Google code and Google will offer $10,000 USD for the Chrome bug. Either way, plugins other than the built-in PDF support are out of scope.”

  24. Computer Troopers » Google Offers $20,000 and a Laptop for a Chrome Hack
    linked on 2011-02-03 @ 10:42 Show Comment

    Organized by the Zero Day Initiative (ZDI) team at HP TippingPoint, the contest offers further prizes totaling $105,000 for successful hacks on Microsoft Internet Explorer, Apple Safari and Mozilla Firefox, as well as these mobile phones: Dell Venue Pro running Windows 7, iPhone 4 running iOS, Blackberry Torch 9800 running Blackberry 6 OS and Nexus S running Android.

  25. Google gambles $20000 that Chrome can’t be hacked | MyGeist
    linked on 2011-02-03 @ 10:34 Show Comment

    This is the first time any browser maker has added prize money and the first time Google has participated, according to TippingPoint, which is sponsoring the event. A total of $125,000 in prizes will be given to those who successfully hack varying browsers and mobile devices. Cracking Internet Explorer, Safari, or Firefox will net successful hackers $15,000.  Prizes for cracking Windows Phone 7, iPhone 4, BlackBerry 6 OS, or Android will also win exploiters $15,000 plus a device running the operating system.

  26. Planet Android » Blog Archive » Nexus S to take on hackers at Pwn2Own 2011 contest
    linked on 2011-02-03 @ 10:46 Show Comment

    For full details go visit the DV Labs blog.

  27. Google looft prijs uit voor Pwn2Own-hack Chrome » Clippy.be
    linked on 2011-02-03 @ 11:32 Show Comment

    Googles actie is onderdeel van de browsercompetitie. Bij de browsers zijn dit jaar ook Internet Explorer, Safari en Firefox onder de slachtoffers. Iedere browser wordt geïnstalleerd op een 64bit-versie van OS X of Windows 7. Een succesvolle hack levert een deelnemer in ieder geval 15.000 dollar op, de laptop waarop hij zijn poging deed en 20.000 ZDI-punten. Deze punten horen bij het Zero Day Initiative, een onderdeel van TippingPoint. Iedere deelnemer krijgt dertig minuten toegewezen.

  28. Google offers $20,000 prize to hack Chrome at security conference | MyCE – My Consumer Electronics
    linked on 2011-02-03 @ 12:03 Show Comment

    Aaron Portnoy, who manages TippingPoint Technologies’ Security Research Team and helped develop the Pwn2Own contest, blogged about the upcoming contest and explained the special rules for exploiting Chrome:

  29. Link - Estadao.com.br
    linked on 2011-02-03 @ 12:04 Show Comment

    O Pwn2Own acontece anualmente no Canadá e tem patrocínio da Tipping Point — que é quem define as regras da competição, já anunciadas.

  30. Hazte hacker de Google y gana 20000 dolares | La Idea Feliz
    linked on 2011-02-03 @ 12:51 Show Comment

    Por primera vez, el concurso canadienses de hackers Pwn2Own tiene una empresa privada que ofrece una recompensa por el éxito de un experimento. Google ha prometido 20.000 dólares a quien consiga atacar con éxito el navegador Chrome.

  31. Google Offers $20,000 and a Laptop for a Chrome Hack « cybersaviours
    linked on 2011-02-03 @ 13:32 Show Comment

    Organized by the Zero Day Initiative (ZDI) team at HP TippingPoint, the contest offers further prizes totaling $105,000 for successful hacks on Microsoft Internet Explorer, Apple Safari and Mozilla Firefox, as well as these mobile phones: Dell Venue Pro running Windows 7, iPhone 4 running iOS, Blackberry Torch 9800 running Blackberry 6 OS and Nexus S running Android.

  32. Google offers $20,000 for Chrome hack
    linked on 2011-02-03 @ 14:05 Show Comment

    ... the fifth annual Pwn2Own hacking contest, which takes place from March 9-11. The contest is a part of the CanSecWest security conference held in Vancouver, British Colombia.This is the first time any browser maker has added prize money and the first time Google has participated, according to TippingPoint, which is sponsoring the event. Google’s contribution came after the company learned that its Chrome browser wouldn’t be included in the competition due to its similarity to Apple’s Safari browser (both run on Webkit, an open source browser engine). Last year, Chrome performed best among all the browsers in the competition, reports The Register.In addition to Google’s contribution, $105,000 in prizes will be given by Pwn2Own to those who successfully hack varying browsers and mobile devices. Cracking Internet Explorer, Safari, or Firefox will net successful hackers $15,000. Prizes for hacking Windows Phone 7, iPhone 4, BlackBerry 6 OS, or Android will also win exploiters $15,000 plus a device running the operating system.“Similarly to last year the competition will focus on two main technologies: web browsers and mobile devices,” writes Aaron Portnoy, manager of the security research team at TippingPoint.  ”Staying true to the original intent of the Pwn2Own contest we intend to empirically demonstrate the current security posture of the most prevalent products in use today.”Google appears fairly confident in its Chrome browser. It will be interesting to see how it fares against the competition this year. This is also the first year Windows Phone 7 will be competing. Is Microsoft’s fledgling OS ready for the competition?Update: Made some updates to the headline and body to clarify points of the story and added an additional source. Related PostsGoogle Chrome browser nears 10 percent s…Love it or leave it alone? First impress…The Best Web Browsers Reviewed: Internet…Google vs. Bing experiment: Half of sear…/*');/*]]*/ /*');/*]]*/ Computing Tags: Aaron PortnoyandroidBlackBerry OS 6.0CanSecWestcompetitionGoogleGoogle Chromehackershacking contestInternet ExploreriOSMozilla Firefoxprizes


Trackback