Kamis, 17 Februari 2011

Hackers Go To Exploit

Pwn2Own is a contest put together which pits hackers against the major web browsers. Their goal is to successfully exploit the browsers and find bugs which allow for these hacks. The hackers aren't just doing this to be nice either, there's a prize pool worth $125,000. Cash, laptops, and desktops will all be available to win.
The contest features all the major browsers (Firefox, Internet Explorer, Safari, and Chrome), and will be functioning on both Windows 7 PC's and Mac OS X machines. The contest is hosted by TippingPoint, a research organization who works to provide protection against system vulnerabilities.

There are a couple of new additions to the contest, both of which will pay prize money. First, there will be a mobile hacking event. This will pit researchers against the likes of Apple's iOS, Google Android, Microsoft's Windows 7 Phone, and RIM's Blackberry OS.

The news which is really drawing attention to the event is Google Chrome joining in on the action. Not only are they participating, but they're ponying up their own dough to award the hackers. $20,000 will go to the hacker who can find an exploit in Google Chrome first.

Google has been very confident in their belief that Chrome cannot be hacked. This is due to their using of a 'sandbox' anti-exploit defense. This type of defense isolates a program from other system processes, and requires hackers to take an additional step to truly perform a successful breach.

Only on the first day will Google be providing their $20,000 prize. This is due to the fact that on the first day only the browsers themselves will be available to the contestants. On the second and third day, they are allowed to utilize system bugs on the operating systems to perform their hacks. For the last two days Google will still provide a $10,000 award, which will be matched by Tipping Point. So no matter what day a hacker might successfully exploit Chrome, they'll still receive $20,000.

This is the contest's fifth running, and the award money has never been higher. The contest itself is about helping the browser developers better implement security strategies that keep malicious hackers from fulfilling their exploits.

Related Post



Tidak ada komentar:

Posting Komentar