Saturday, March 09, 2013

Pwn2Own Comes To A Close With Record Payouts

The annual Pwn2Own hacking competition ended last week with security teams taking home a record total award payout for the two day event amounting to $480,000 overall. Hackers at the event, which runs along side the CanSecWest event in Vancouver, successfully exploited all but two of the potential victims, leaving Apple's Safari browser running on OS X Mountain Lion untested and failing to take down Google's Chrome OS.

Several security teams tried but couldn't break Google's latest version of Chrome OS in the company's Pwnium 3 contest, leaving the record $3.14159 million (yes, that's Pi, for those keeping track at home) in prize money untouched. "Pwnium 3 has completed and we did not receive any winning entries," a Google spokeswoman said in an email late Thursday. "We are evaluating some work that may qualify as partial credit."

Security teams were able to exploit all of the browsers tested, which included Google's Chrome browser IE10 and Firefox, along with the browser based plugins Flash and Java, a new addition to the contest this year.

Pwn2Own organizer HP TippingPoint and its Zero Day Initiative (ZDI) bug bounty program had been offering $65k for the exploit of Safari while Google had been offering up to $150,000 per exploit, depending on specifics -- top prizes were earmarked for those who found device-persistent hacks (i.e., those that would remain in place even after a reboot), while $110,000 was offered for less thorough attacks.

No comments:

Post a Comment

All comments will be moderate for content, please be patient as your comment will appear as soon as it has been reviewed.

Thank you