IDG News Service >
 

Chrome OS runs the table at Pwnium 3

o Jon Gold
08.03.2013 kl 23:13 | Network World (US)

Hackers at the CanSecWest event in Vancouver couldn't break Google's latest version of Chrome OS in the company's Pwnium 3 contest, leaving the $3.14159 million (yes, that's Pi, for those keeping track at home) in prize money untouched.

 

Hackers at the CanSecWest event in Vancouver couldn't break Google's latest version of Chrome OS in the company's Pwnium 3 contest, leaving the $3.14159 million (yes, that's Pi, for those keeping track at home) in prize money untouched.

Pwnium is a hacking contest -- similar to the better-known Pwn2Own event, which is also held at the CanSecWest convention -- that challenges the best in the security business to attack Google's products in the hope of winning cash prizes.

[ MORE CHROME: Google confirms high-end Chromebook Pixel, surprising some ]

The company's Chrome team announced in a Google+ post that no successful exploits were found by the assembled hackers, despite the extension of the deadline to 5 p.m. PST yesterday, though the post also said that some partial exploits were being evaluated.

Google had been offering up to $150,000 per exploit, depending on specifics -- top prizes were earmarked for those who found device-persistent hacks (i.e., those that would remain in place even after a reboot), while $110,000 was offered for less thorough attacks.

While Chrome OS made it through Pwnium unscathed, the larger Pwn2Own contest saw the Chrome browser successfully exploited by researchers from MWR Labs, a U.K.-based security firm, who won $100,000 in the process.

Making the MWR Labs exploit even more impressive is the fact that Google released a major security update just days before the event kicked off, patching several fairly serious vulnerabilities.

Pwn2Own also saw IE10, Firefox, Adobe Reader, Flash and -- on four separate occasions -- Java exploited by the skilled hackers in attendance. The biggest winner was France's VUPEN Security, which successfully hacked IE10, Firefox, Java and Flash. The company's total winnings came to $250,000, according to Sophos Security.

Email Jon Gold at jgold@nww.com and follow him on Twitter at @NWWJonGold.

Read more about software in Network World's Software section.

Keywords: Telecommunication  Software  Security  Consumer Electronics  
Latest news from IDG News Service

Copyright 2009 IDG Magazines Norge AS. All rights reserved

Postboks 9090 Grønland - 0133 OSLO / Telefon 22053000

Ansvarlig redaktør Henning Meese / Utviklingsansvarlig Ulf Helland / Salgsdirektør Tore Harald Pettersen