Wednesday, March 6, 2013

Pwn2Own 2013 Begins Today: Release the Hounds!

By +Dietrich Schmitz

The annual CanSecWest Conference begins today.  As has been tradition each year, a Pwn2Own contest will commence and run through Friday, March 8, 2013.

Hackers come each year to claim cash and other prizes for providing a successful 'proof of concept' exploit (crack) which demonstrates the ability to gain administrative control (system root) , of a given configured device running one of several browsers: Google Chrome, Mozilla Firefox, Apple Safari.




The contest rules also now include attempts to crack the following browser plug-ins:




chrome-os
chrome-os (Photo credit: BlubrNL)
Added to the entrants line-up, but curiously not mentioned whatsoever in the contest rules (someone should look into this), is a new operating system entry: Google's Chrome OS running on a Samsung  Chromebook 550.

It should be noted that this is the first year that Linux-configured hardware has been included in the competition.

It will be especially interesting to see if anyone steps up to the Chromebook's security-hardened ChromeOS operating system to give it a hack.

Google's winning purse now stands at $3.14 million in potential combined cash and prizes.  This is a strong show of confidence in their operating system which they tout as being by far the safest operating system of all entrants.

The contest rules change this year with contestants now being randomly selected, each being given exactly thirty (30) minutes to successfully hack a machine.  What is different is that the first successful hack ends the competition.

I am taking bets that there will be successful hacks of both Windows and Apple OSX platforms but none for ChromeOS.

Game on.

-- Dietrich


Enhanced by Zemanta

2 comments:

  1. Chrome was owned, unfortunately: http://nakedsecurity.sophos.com/2013/03/07/pwn2own-results-java-chrome-ie-10-and-firefox-owned-on-day-one/

    ReplyDelete
  2. Chrome the Browser (while running in Windows) was pwned. ChromeOS the Google released operating system survived even when they extended the time limit on hacking it.

    ReplyDelete