Tuesday, January 29, 2013

Google Bets Big On Chrome OS Offers Pwnium Hackers $3.14M In Potential Prizes

Google has had a long standing history in betting big on it's products. They were one of the first companies to offer the public bug bounties for their Chrome browser and just last year took thing to a new level with the $1million sponsorship of "Pwnium". Now the search giant is taking things to new heights tripling the maximum total prize money to $3.14 million.

Dubbed Pwnium 3, this new challenge will open the door for researchers to focus their sites on the Chrome OS, Google's browsers based operations system that has been gaining a bit of traction thanks to the ChromeBook. The content will reward those who can hack the operating system with individual prizes of $110,000 and $150,000 with a max total up to $3.14159 million.

The attack must be demonstrated against a base (WiFi) model of the Samsung Series 5 550 Chromebook, running the latest stable version of Chrome OS. Any installed software (including the kernel and drivers, etc.) may be used to attempt the attack.

Pwnium 3 will take place along side the Pwn2Own during the CanSecWest security conference held March 7th in Vancouver, British Columbia. Google will also partner with HP TippingPoint's Zero Day Initiative (ZDI) bug bounty program to host Pwn2Own. That contest, with $560,000 in total cash prizes, will focus on Web browsers, including Chrome, Microsoft's Internet Explorer (IE) and Mozilla's Firefox, as well as plug-ins from Adobe and Oracle.

Google withdrew support for last years event citing differences in what information was going to be made available concerning the exploits used in achieving the hacks. Full exploit details are traditionally been handed over after the contest however last year was an exception and an explicit non-requirement for the contest which Google felt was unacceptable.

"This year, we've teamed up with ZDI by working together on the Pwn2Own rules and by underwriting a portion of the winnings for all targets," said Evans about the new understanding between Google and HP TippingPoint. "The new rules are designed to enable a contest that significantly improves Internet security for everyone. At the same time, the best researchers in the industry get to showcase their skills and take home some generous rewards."

No comments:

Post a Comment

All comments will be moderate for content, please be patient as your comment will appear as soon as it has been reviewed.

Thank you