Thursday, February 10, 2011

Tech News - Week 8 Feb 2011 - Google offers $20,000 prize for finding vulnerabilities in Chrome

Back in 2009, Google entered the annual Pwn2own("Pawn-to-own") hacking contest with its newly developed Chrome browser. The Pwn2own contest is held at the annual CanSecWest Security conference and features all of the popular web browsers, which will have their security tested by hackers. Since it's entry into the contest, Chrome's security has remained without exploit due its innovative implementation of the Sandbox security feature. Although bugs have been discovered, exploiting them has been another mission altogether.

Every year Pwn2own's host, TippingPoint, has provided the prizes for the contest winners. However, Google has stepped forward, somewhat audaciously, to offer $20 000 cash prize to the contestant who can find vulnerabilities in Google's Chrome browser.

Of course Google is allowed to be confident in their browser application, they have put in the effort required to beat hackers who overturned the security of IE, Firefox and Safari on the first day of the contest. Charlie Miller won the contest by hacking Safari on Mac OS and taking control of the operating system, within a few seconds of starting the contest. This, clearly showing that vulnerabilities in a browser lead to more sensitive areas in the operating system it is being run on. But showing too much confidence with the introduction of Chrome OS(Google's browser-based operating system) around the corner, hacking of the browser may bring about some concern of whether Google's OS is ready for introduction to the public sector. "There are bugs in Chrome but they're very hard to exploit", said Charlie Miller after winning the contest in 2009.

Google bets 20k Chrome cant be hacked

Questions for pwn2own hacker Charlie Miller

No comments:

Post a Comment