<?xml version="1.0"?>
<rss version="2.0" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:itunes="http://www.itunes.com/dtds/podcast-1.0.dtd">
<channel>
<title>Engadget</title>
<link>http://www.engadget.com</link>
<description>Engadget</description>
<image>
<url>http://www.blogsmithmedia.com/www.engadget.com/media/feedlogo.gif</url>
<title>Engadget</title>
<link>http://www.engadget.com</link>
</image>
<language>en-us</language>
<copyright>Copyright 2012 Weblogs, Inc. The contents of this feed are available for non-commercial use only.</copyright>
<generator>Blogsmith http://www.blogsmith.com/</generator><item><title><![CDATA[Security firm claims to have hacked Chrome's sandbox]]></title><link>http://www.engadget.com/2011/05/10/security-firm-claims-to-have-hacked-chromes-sandbox/</link><guid isPermaLink="true">http://www.engadget.com/2011/05/10/security-firm-claims-to-have-hacked-chromes-sandbox/</guid><comments>http://www.engadget.com/2011/05/10/security-firm-claims-to-have-hacked-chromes-sandbox/#comments</comments><description><![CDATA[<div style="text-align: center;">
	<a href="http://www.engadget.com/2011/05/10/security-firm-claims-to-have-hacked-chromes-sandbox/"><img src="http://www.blogcdn.com/www.engadget.com/media/2011/05/chrome-hack-05-10-2011.jpg" style="border-width: 0px; border-style: solid; margin: 4px;" /></a></div>
<div>
	It didn't manage to do it during the most recent <a href="http://www.engadget.com/tag/pwn2own">Pwn2Own challenge</a>, but VUPEN Security is now claiming that it has finally managed to hack Google's <a href="http://www.engadget.com/tag/chrome">Chrome</a> browser and crack its so-called "sandbox." According to the firm, the exploit relies on some newly discovered <a href="http://www.engadget.com/tag/zeroday">zero day</a> vulnerabilities, works on all Windows operating systems (and only Windows, apparently), and could give malicious websites the ability to download code from a remote source and execute it on a user's computer -- the video after the break shows an example, in which the Windows Calculator application is downloaded and run automatically. For its part, Google says it has been unable to confirm the hack since VUPEN hasn't shared any details with it -- something the firm apparently doesn't plan to do, as it says it only shares its vulnerability research with its "government customers for defensive and offensive security."</div><p><a href="http://www.engadget.com/2011/05/10/security-firm-claims-to-have-hacked-chromes-sandbox/" rel="bookmark">Continue reading <em>Security firm claims to have hacked Chrome's sandbox</em></a></p><p style="padding:5px;background:#ddd;border:1px solid #ccc;clear:both;"><a href="http://www.engadget.com/2011/05/10/security-firm-claims-to-have-hacked-chromes-sandbox/">Security firm claims to have hacked Chrome's sandbox</a> originally appeared on <a href="http://www.engadget.com">Engadget</a> on Tue, 10 May 2011 10:02:00 EST.  
Please see our <a href="http://www.weblogsinc.com/feed-terms/">terms for use of feeds</a>.</p><h6 style="clear: both; padding: 8px 0 0 0; height: 2px; font-size: 1px; border: 0; margin: 0; padding: 0;"></h6><a href="http://www.engadget.com/2011/05/10/security-firm-claims-to-have-hacked-chromes-sandbox/" rel="bookmark" title="Permanent link to this entry">Permalink</a>&nbsp;|&nbsp;<a href="http://www.engadget.com/forward/19936431/" title="Send this entry to a friend via email">Email this</a>&nbsp;|&nbsp;<a href="http://www.engadget.com/2011/05/10/security-firm-claims-to-have-hacked-chromes-sandbox/#comments" title="View reader comments on this entry">Comments</a>]]></description><category>browser</category><category>chrome</category><category>exploit</category><category>google</category><category>hack</category><category>pwn2own</category><category>sandbox</category><category>video</category><category>vulnerability</category><category>vupen</category><category>vupen security</category><category>VupenSecurity</category><category>zero day</category><category>ZeroDay</category><dc:creator><![CDATA[Donald Melanson]]></dc:creator><pubDate>Tue, 10 May 2011 10:02:00 EST</pubDate></item><item><title><![CDATA[RIM issues PSA following Pwn2Own exploit: turn off JavaScript on your BlackBerry]]></title><link>http://www.engadget.com/2011/03/16/rim-issues-psa-following-pwn2own-exploit-turn-off-javascript-on/</link><guid isPermaLink="true">http://www.engadget.com/2011/03/16/rim-issues-psa-following-pwn2own-exploit-turn-off-javascript-on/</guid><comments>http://www.engadget.com/2011/03/16/rim-issues-psa-following-pwn2own-exploit-turn-off-javascript-on/#comments</comments><description><![CDATA[<div style="text-align: center;"><a href="http://www.engadget.com/2011/03/16/rim-issues-psa-following-pwn2own-exploit-turn-off-javascript-on/"><img vspace="4" hspace="4" border="1" alt="" src="http://www.blogcdn.com/www.engadget.com/media/2010/06/rim-9800-top-1.jpg" /></a></div>
It's not just desktop web browsers <a href="http://www.engadget.com/2011/03/10/safari-and-ie8-get-shamed-at-pwn2own-chrome-still-safe-for-n/">getting hacked</a> at this year's <a href="http://www.engadget.com/tag/pwn2own">Pwn2Own</a> challenge -- mobile browsers have also been targeted for vulnerabilities, and a fairly big one has now been found in RIM's browser for BlackBerry OS 6. Apparently, there's a JavaScript-related bug that could let a "maliciously designed" website gain access to data stored on both the phone's media card and built-in storage, but not data stored in the storage portion for applications (such as email or contact information). For its part, RIM says that it hasn't actually seen any evidence of anyone exploiting the vulnerability, but it's nonetheless urging folks to disable JavaScript on affected devices, and it's now busy providing IT departments everywhere with guidelines on how to do so. If that proves to be complicated, it's suggesting that you simply disable the BlackBerry Browser altogether until it can be patched.<p style="padding:5px;background:#ddd;border:1px solid #ccc;clear:both;"><a href="http://www.engadget.com/2011/03/16/rim-issues-psa-following-pwn2own-exploit-turn-off-javascript-on/">RIM issues PSA following Pwn2Own exploit: turn off JavaScript on your BlackBerry</a> originally appeared on <a href="http://www.engadget.com">Engadget</a> on Wed, 16 Mar 2011 18:59:00 EST.  
Please see our <a href="http://www.weblogsinc.com/feed-terms/">terms for use of feeds</a>.</p><h6 style="clear: both; padding: 8px 0 0 0; height: 2px; font-size: 1px; border: 0; margin: 0; padding: 0;"></h6><a href="http://www.engadget.com/2011/03/16/rim-issues-psa-following-pwn2own-exploit-turn-off-javascript-on/" rel="bookmark" title="Permanent link to this entry">Permalink</a>&nbsp;|&nbsp;<a href="http://www.engadget.com/forward/19882077/" title="Send this entry to a friend via email">Email this</a>&nbsp;|&nbsp;<a href="http://www.engadget.com/2011/03/16/rim-issues-psa-following-pwn2own-exploit-turn-off-javascript-on/#comments" title="View reader comments on this entry">Comments</a>]]></description><category>blackberry</category><category>blackberry browser</category><category>blackberry os 6</category><category>BlackberryBrowser</category><category>BlackberryOs6</category><category>browser</category><category>hack</category><category>pwn2own</category><category>vulnerability</category><category>web browser</category><category>WebBrowser</category><dc:creator><![CDATA[Donald Melanson]]></dc:creator><pubDate>Wed, 16 Mar 2011 18:59:00 EST</pubDate></item><item><title><![CDATA[Safari and IE8 get shamed at Pwn2Own, Chrome still safe... for now]]></title><link>http://www.engadget.com/2011/03/10/safari-and-ie8-get-shamed-at-pwn2own-chrome-still-safe-for-n/</link><guid isPermaLink="true">http://www.engadget.com/2011/03/10/safari-and-ie8-get-shamed-at-pwn2own-chrome-still-safe-for-n/</guid><comments>http://www.engadget.com/2011/03/10/safari-and-ie8-get-shamed-at-pwn2own-chrome-still-safe-for-n/#comments</comments><description><![CDATA[<div style="text-align: center;"><a href="http://www.engadget.com/2011/03/10/safari-and-ie8-get-shamed-at-pwn2own-chrome-still-safe-for-n/"><img hspace="4" vspace="4" border="0" src="http://www.blogcdn.com/www.engadget.com/media/2011/03/chrome-hack-2011-03-10-600.jpg" alt="Safari and IE8 get shamed at Pwn2Own, Chrome still safe... 
for now" /></a></div>
Ahead of the most recent <a href="http://www.engadget.com/tag/pwn2own">Pwn2Own</a>, <a href="http://www.engadget.com/tag/google">Google</a> made a rather <a href="http://www.engadget.com/2011/02/03/googles-paying-20-000-to-hack-chrome-any-takers/">proud challenge</a>: it'd pay $20,000 to any team or individual who could successfully hack <a href="http://www.engadget.com/tag/chrome">Chrome</a>. Two takers signed up for that challenge -- and then both backed down. One individual didn't show up and a second entry, known as Team Anon, decided to focus their efforts elsewhere. There's still time left for someone to come out of the woodwork and scrape off that polish, but as of now no brave souls have registered intent. Meanwhile, <a href="http://www.engadget.com/tag/ie8">IE8</a> was taken down by Stephen Fewer, who used three separate vulnerabilities to get out of Protected Mode and crack that browser's best locks. Safari running on a MacBook Air got shamed again, cracked in just five seconds. Not exactly an improvement compared to how it <a href="http://www.engadget.com/2008/03/27/pwn-2-own-over-macbook-air-gets-seized-in-2-minutes-flat/">fared in 2008</a>.<p style="padding:5px;background:#ddd;border:1px solid #ccc;clear:both;"><a href="http://www.engadget.com/2011/03/10/safari-and-ie8-get-shamed-at-pwn2own-chrome-still-safe-for-n/">Safari and IE8 get shamed at Pwn2Own, Chrome still safe... for now</a> originally appeared on <a href="http://www.engadget.com">Engadget</a> on Thu, 10 Mar 2011 07:56:00 EST.  
Please see our <a href="http://www.weblogsinc.com/feed-terms/">terms for use of feeds</a>.</p><h6 style="clear: both; padding: 8px 0 0 0; height: 2px; font-size: 1px; border: 0; margin: 0; padding: 0;"></h6><a href="http://www.engadget.com/2011/03/10/safari-and-ie8-get-shamed-at-pwn2own-chrome-still-safe-for-n/" rel="bookmark" title="Permanent link to this entry">Permalink</a>&nbsp;|&nbsp;<a href="http://www.engadget.com/forward/19875106/" title="Send this entry to a friend via email">Email this</a>&nbsp;|&nbsp;<a href="http://www.engadget.com/2011/03/10/safari-and-ie8-get-shamed-at-pwn2own-chrome-still-safe-for-n/#comments" title="View reader comments on this entry">Comments</a>]]></description><category>apple</category><category>chrome</category><category>computerworld</category><category>exploit</category><category>google</category><category>hack</category><category>hacked</category><category>hacker</category><category>ie</category><category>ie8</category><category>internet explorer</category><category>InternetExplorer</category><category>macbook air</category><category>MacbookAir</category><category>microsoft</category><category>pwn2own</category><category>safari</category><dc:creator><![CDATA[Tim Stevens]]></dc:creator><pubDate>Thu, 10 Mar 2011 07:56:00 EST</pubDate></item><item><title><![CDATA[Google's paying $20,000 to hack Chrome -- any takers?]]></title><link>http://www.engadget.com/2011/02/03/googles-paying-20-000-to-hack-chrome-any-takers/</link><guid isPermaLink="true">http://www.engadget.com/2011/02/03/googles-paying-20-000-to-hack-chrome-any-takers/</guid><comments>http://www.engadget.com/2011/02/03/googles-paying-20-000-to-hack-chrome-any-takers/#comments</comments><description><![CDATA[<div style="text-align: center;"><a href="http://www.engadget.com/2011/02/03/googles-paying-20-000-to-hack-chrome-any-takers/"><img vspace="4" hspace="4" border="1" src="http://www.blogcdn.com/www.engadget.com/media/2011/02/chrome-hack.jpg" alt="" /></a></div>
So far, Chrome is the only browser of the big four -- Safari, Firefox, and Internet Explorer being the other three -- to escape the <a href="http://www.engadget.com/tag/pwn2own">Pwn2Own</a> hacking competition <a href="http://www.engadget.com/2009/03/19/the-pwn2own-trifecta-safari-ie-8-and-firefox-exploited-on-day/">unscathed the past two years</a>. (Sorry Opera aficionados, looks like <a href="http://www.engadget.com/2011/01/03/chrome-closes-out-the-year-with-ten-percent-browser-share-gains/">there's not enough of you</a> to merit a place in the contest... yet.) Evidently, its past success has Google confident enough to pony up a cool $20,000 and a <a href="http://www.engadget.com/2010/12/07/google-unveils-cr-48-the-first-chrome-os-laptop/">CR-48 laptop</a> to anyone able to find a bug in its code and execute a clean sandbox escape on day one of Pwn2Own 2011. Should that prove too daunting a task, contest organizer TippingPoint will match El Goog's $10,000 prize (still $20,000 total) for anyone who can exploit Chrome and exit the sandbox through <i>non-Google</i> code on days two and three of the event. For those interested in competing, Pwn2Own takes place March 9th through 11th in Vancouver at the <a href="http://www.engadget.com/tag/cansecwest">CanSecWest</a> conference. The gauntlet has been thrown -- your move, hackers.<p style="padding:5px;background:#ddd;border:1px solid #ccc;clear:both;"><a href="http://www.engadget.com/2011/02/03/googles-paying-20-000-to-hack-chrome-any-takers/">Google's paying $20,000 to hack Chrome -- any takers?</a> originally appeared on <a href="http://www.engadget.com">Engadget</a> on Thu, 03 Feb 2011 20:33:00 EST.  
Please see our <a href="http://www.weblogsinc.com/feed-terms/">terms for use of feeds</a>.</p><h6 style="clear: both; padding: 8px 0 0 0; height: 2px; font-size: 1px; border: 0; margin: 0; padding: 0;"></h6><a href="http://www.engadget.com/2011/02/03/googles-paying-20-000-to-hack-chrome-any-takers/" rel="bookmark" title="Permanent link to this entry">Permalink</a>&nbsp;|&nbsp;<a href="http://www.engadget.com/forward/19828011/" title="Send this entry to a friend via email">Email this</a>&nbsp;|&nbsp;<a href="http://www.engadget.com/2011/02/03/googles-paying-20-000-to-hack-chrome-any-takers/#comments" title="View reader comments on this entry">Comments</a>]]></description><category>chrome</category><category>cr 48</category><category>cr-48</category><category>cr48</category><category>exploit</category><category>exploited</category><category>firefox</category><category>google</category><category>hack</category><category>hacker</category><category>hackers</category><category>hacking</category><category>hacks</category><category>internet explorer</category><category>InternetExplorer</category><category>malicious</category><category>mozilla</category><category>prize</category><category>Pwn2Own</category><category>pwn2own2011</category><category>pwnage</category><category>pwned</category><category>safari</category><category>security</category><category>security hole</category><category>SecurityHole</category><category>TippingPoint</category><category>vulnerability</category><dc:creator><![CDATA[Michael Gorman]]></dc:creator><pubDate>Thu, 03 Feb 2011 20:33:00 EST</pubDate></item><item><title><![CDATA[iPhone SMS database hacked in 20 seconds, news at 11]]></title><link>http://www.engadget.com/2010/03/25/iphone-sms-database-hacked-in-20-seconds-news-at-11/</link><guid 
isPermaLink="true">http://www.engadget.com/2010/03/25/iphone-sms-database-hacked-in-20-seconds-news-at-11/</guid><comments>http://www.engadget.com/2010/03/25/iphone-sms-database-hacked-in-20-seconds-news-at-11/#comments</comments><description><![CDATA[<div style="text-align: center;"><a href="http://blogs.zdnet.com/security/?p=5836"><img hspace="4" border="1" vspace="4" alt="" src="http://www.blogcdn.com/www.engadget.com/media/2010/03/3-24-10-iphonepwned20sec.png" /><br />
</a></div>
It's <a href="http://www.engadget.com/2008/03/12/researchers-warn-of-hacking-risks-to-heart-devices/">a story tailor-made</a> for the fear-mongering subset of news media. This week, a pair of gentlemen lured an unsuspecting virgin iPhone to a malicious website and -- with no other input from the user -- stole the phone's entire database of sent, received and even <em>deleted</em> text messages in under 20 seconds, boasting that they could easily lift personal contacts, emails and your naughty, naughty photos as well. Thankfully for us level-headed souls, those gentlemen were Vincenzo Iozzo and Ralf-Philipp Weinmann, security researchers performing for the 2010 <a href="http://www.engadget.com/tag/pwn2own">Pwn2Own</a> hacking contest, and their $15,000 first prize ensures that the winning formula will go to Apple (and only Apple) for further study. Last year, smartphones <a href="http://www.engadget.com/2009/03/25/major-smartphone-platforms-emerge-unscathed-from-pwn2own/">emerged from Pwn2Own unscathed</a> even as their <a href="http://www.engadget.com/2009/03/19/the-pwn2own-trifecta-safari-ie-8-and-firefox-exploited-on-day/">desktop counterparts took a beating</a>, but this makes the <a href="http://www.engadget.com/2007/04/22/safari-browser-exploit-produced-within-9-hours-in-hacking-compet/">third year</a> <a href="http://www.engadget.com/2008/03/27/pwn-2-own-over-macbook-air-gets-seized-in-2-minutes-flat/">in a row</a> that Safari's gotten its host machines <em>pwned</em>. That said, there's no need for fear -- just a healthy reminder that the Apple logo doesn't give you free license to click links in those oh-so-tempting "beta-test the new iPad!" 
emails.<p style="padding:5px;background:#ddd;border:1px solid #ccc;clear:both;"><a href="http://www.engadget.com/2010/03/25/iphone-sms-database-hacked-in-20-seconds-news-at-11/">iPhone SMS database hacked in 20 seconds, news at 11</a> originally appeared on <a href="http://www.engadget.com">Engadget</a> on Thu, 25 Mar 2010 02:36:00 EST.  Please see our <a href="http://www.weblogsinc.com/feed-terms/">terms for use of feeds</a>.</p><h6 style="clear: both; padding: 8px 0 0 0; height: 2px; font-size: 1px; border: 0; margin: 0; padding: 0;"></h6><a href="http://www.engadget.com/2010/03/25/iphone-sms-database-hacked-in-20-seconds-news-at-11/" rel="bookmark" title="Permanent link to this entry">Permalink</a>&nbsp;|&nbsp;<a href="http://www.engadget.com/forward/19413532/" title="Send this entry to a friend via email">Email this</a>&nbsp;|&nbsp;<a href="http://www.engadget.com/2010/03/25/iphone-sms-database-hacked-in-20-seconds-news-at-11/#comments" title="View reader comments on this entry">Comments</a>]]></description><category>Apple</category><category>crack</category><category>crackers</category><category>cracking</category><category>exploit</category><category>exploited</category><category>hack</category><category>hacker</category><category>hackers</category><category>hacking</category><category>iPhone</category><category>Mac</category><category>malicious</category><category>prize</category><category>pwn</category><category>pwn 2 own</category><category>Pwn2own</category><category>pwnage</category><category>pwned</category><category>Ralf-Philipp Weinmann</category><category>Ralf-philippWeinmann</category><category>Safari</category><category>security</category><category>security hole</category><category>security holes</category><category>SecurityHole</category><category>SecurityHoles</category><category>SMS</category><category>text messaging</category><category>TextMessaging</category><category>txt</category><category>txt 
messages</category><category>TxtMessages</category><category>Vincenzo Iozzo</category><category>VincenzoIozzo</category><dc:creator><![CDATA[Sean Hollister]]></dc:creator><pubDate>Thu, 25 Mar 2010 02:36:00 EST</pubDate></item><item><title><![CDATA[Major smartphone platforms emerge unscathed from Pwn2Own]]></title><link>http://www.engadget.com/2009/03/25/major-smartphone-platforms-emerge-unscathed-from-pwn2own/</link><guid isPermaLink="true">http://www.engadget.com/2009/03/25/major-smartphone-platforms-emerge-unscathed-from-pwn2own/</guid><comments>http://www.engadget.com/2009/03/25/major-smartphone-platforms-emerge-unscathed-from-pwn2own/#comments</comments><description><![CDATA[<a href="http://www.computerworld.com/action/article.do?command=viewArticleBasic&amp;taxonomyName=Mobile+and+Wireless&amp;articleId=9130346&amp;taxonomyId=15&amp;pageNumber=1"><img vspace="16" hspace="4" border="1" align="right" alt="" src="http://www.blogcdn.com/www.engadget.com/media/2009/03/crackeds60.jpg" /></a>Sure seems like your handheld is a lot more secure than your computer, at least in some sense -- although the desktop versions of <a href="http://www.engadget.com/2009/03/19/the-pwn2own-trifecta-safari-ie-8-and-firefox-exploited-on-day/">IE 8, Safari, and Firefox were each almost instantly cracked</a> on the first day of the Pwn2Own contest, no one claimed the $10,000 bounty placed on each of the major smartphone platforms. That's certainly reassuring, but it may not ultimately mean much: according to contest organizers Tipping Point, the bugs in Android, Symbian, Windows Mobile, and the iPhone and BlackBerry OSes are still there, but they're harder to exploit because of device, OS, and carrier variations. That makes any vulnerabilities even more valuable -- one of the contestants apparently had an iPhone exploit ready to go, but wasn't willing to part with it since he wanted more than $10K for it. 
Tipping Point says it'll try and nail down specs of each platform earlier next year to make it easier on hackers, but let's hope the results are similar.<br /><br />[Via <a href="http://mobile.slashdot.org/article.pl?sid=09/03/25/1238246&amp;from=rss">Slashdot</a>]<p>Filed under: <a href="http://www.engadget.com/category/handsets/" rel="tag">Handsets</a>, <a href="http://www.engadget.com/category/symbian/" rel="tag">Symbian</a>, <a href="http://www.engadget.com/category/windows-mobile/" rel="tag">Windows Mobile</a>, <a href="http://www.engadget.com/category/os-x/" rel="tag">iPhone OS</a>, <a href="http://www.engadget.com/category/android/" rel="tag">Android</a>, <a href="http://www.engadget.com/category/blackberry-os/" rel="tag">BlackBerry OS</a></p><p style="padding:5px;background:#ddd;border:1px solid #ccc;clear:both;"><a href="http://www.engadget.com/2009/03/25/major-smartphone-platforms-emerge-unscathed-from-pwn2own/">Major smartphone platforms emerge unscathed from Pwn2Own</a> originally appeared on <a href="http://www.engadget.com">Engadget</a> on Wed, 25 Mar 2009 11:24:00 EST.  
Please see our <a href="http://www.weblogsinc.com/feed-terms/">terms for use of feeds</a>.</p><h6 style="clear: both; padding: 8px 0 0 0; height: 2px; font-size: 1px; border: 0; margin: 0; padding: 0;"></h6><a href=http://www.computerworld.com/action/article.do?command=viewArticleBasic&amp;taxonomyName=Mobile+and+Wireless&amp;articleId=9130346&amp;taxonomyId=15&amp;pageNumber=1>Read</a>&nbsp;|&nbsp;<a href="http://www.engadget.com/2009/03/25/major-smartphone-platforms-emerge-unscathed-from-pwn2own/" rel="bookmark" title="Permanent link to this entry">Permalink</a>&nbsp;|&nbsp;<a href="http://www.engadget.com/forward/1498068/" title="Send this entry to a friend via email">Email this</a>&nbsp;|&nbsp;<a href="http://www.engadget.com/2009/03/25/major-smartphone-platforms-emerge-unscathed-from-pwn2own/#comments" title="View reader comments on this entry">Comments</a>]]></description><category>android</category><category>blackberry</category><category>blackberry os</category><category>BlackberryOs</category><category>iphone os</category><category>IphoneOs</category><category>mobile</category><category>pwn2own</category><category>s60</category><category>symbian</category><category>windows mobile</category><category>WindowsMobile</category><dc:creator><![CDATA[Nilay Patel]]></dc:creator><pubDate>Wed, 25 Mar 2009 11:24:00 EST</pubDate></item>
<item><title><![CDATA[The Pwn2Own trifecta: Safari, IE 8, and Firefox exploited on day 1]]></title><link>http://www.engadget.com/2009/03/19/the-pwn2own-trifecta-safari-ie-8-and-firefox-exploited-on-day/</link><guid isPermaLink="true">http://www.engadget.com/2009/03/19/the-pwn2own-trifecta-safari-ie-8-and-firefox-exploited-on-day/</guid><comments>http://www.engadget.com/2009/03/19/the-pwn2own-trifecta-safari-ie-8-and-firefox-exploited-on-day/#comments</comments><description><![CDATA[<div align="center"><a href="http://dvlabs.tippingpoint.com/blog/2009/03/18/pwn2own-2009-day-1---safari-internet-explorer-and-firefox-taken-down-by-four-zero-day-exploits"><img 
vspace="4" hspace="4" border="1" src="http://www.blogcdn.com/www.engadget.com/media/2009/03/3367253540_1a1426eb42.jpg" alt="" /></a><br /></div>
That didn't take long. One day into the <a href="http://www.engadget.com/tag/pwn2own">Pwn2Own</a> hacking competition at CanSecWest and already Apple, Microsoft, and Mozilla have been sent packing to their respective labs to work on security issues in their browsers. In a repeat performance, <a href="http://www.engadget.com/tag/charlie%20miller">Charlie Miller</a> pocketed a $5,000 cash prize and a fully-patched MacBook by splitting it wide, and gaining full control of the device after a user clicked on his malicious link. Another white-hatter by the name Nils (pictured) toppled Internet Explorer 8 running on a Windows 7 laptop -- again, the five grand and compromised VAIO P laptop are now his to keep as compensation for turning over the malicious code. So much for "<a href="http://www.engadget.com/2009/03/19/microsoft-set-to-release-internet-explorer-8-gold-today/">protection that no other browser can match</a>," eh Mr. Ballmer? Nils then demonstrated a second Safari exploit before hacking Firefox later in the afternoon netting him a cool $15k by the close of day one. Only Google's Chrome was left unscathed -- Opera isn't part of the contest. This year's contest will also offer a $10,000 prize for every vulnerability successfully exploited in Windows Mobile, Android, Symbian, and the iPhone and BlackBerry OSes. In other words: this contest that runs through Friday isn't over by any stretch. <br /><br />[Via <a href="http://blogs.zdnet.com/security/?p=2934">ZDNET</a>]<p>Filed under: <a href="http://www.engadget.com/category/gadgets/" rel="tag">Misc. Gadgets</a></p><p style="padding:5px;background:#ddd;border:1px solid #ccc;clear:both;"><a href="http://www.engadget.com/2009/03/19/the-pwn2own-trifecta-safari-ie-8-and-firefox-exploited-on-day/">The Pwn2Own trifecta: Safari, IE 8, and Firefox exploited on day 1</a> originally appeared on <a href="http://www.engadget.com">Engadget</a> on Thu, 19 Mar 2009 05:59:00 EST.  
Please see our <a href="http://www.weblogsinc.com/feed-terms/">terms for use of feeds</a>.</p><h6 style="clear: both; padding: 8px 0 0 0; height: 2px; font-size: 1px; border: 0; margin: 0; padding: 0;"></h6><a href=http://dvlabs.tippingpoint.com/blog/2009/03/18/pwn2own-2009-day-1---safari-internet-explorer-and-firefox-taken-down-by-four-zero-day-exploits>Read</a>&nbsp;|&nbsp;<a href="http://www.engadget.com/2009/03/19/the-pwn2own-trifecta-safari-ie-8-and-firefox-exploited-on-day/" rel="bookmark" title="Permanent link to this entry">Permalink</a>&nbsp;|&nbsp;<a href="http://www.engadget.com/forward/1492416/" title="Send this entry to a friend via email">Email this</a>&nbsp;|&nbsp;<a href="http://www.engadget.com/2009/03/19/the-pwn2own-trifecta-safari-ie-8-and-firefox-exploited-on-day/#comments" title="View reader comments on this entry">Comments</a>]]></description><category>apple</category><category>cansecwest</category><category>chrome</category><category>exploit</category><category>firefox</category><category>google</category><category>hack</category><category>internet explorer</category><category>InternetExplorer</category><category>microsoft</category><category>mozilla</category><category>nils</category><category>pwn2own</category><category>safari</category><category>vulnerability</category><dc:creator><![CDATA[Thomas Ricker]]></dc:creator><pubDate>Thu, 19 Mar 2009 05:59:00 EST</pubDate></item><item><title><![CDATA[Linux becomes only OS to escape PWN 2 OWN unscathed]]></title><link>http://www.engadget.com/2008/03/29/linux-becomes-only-os-to-escape-pwn-2-own-unscathed/</link><guid isPermaLink="true">http://www.engadget.com/2008/03/29/linux-becomes-only-os-to-escape-pwn-2-own-unscathed/</guid><comments>http://www.engadget.com/2008/03/29/linux-becomes-only-os-to-escape-pwn-2-own-unscathed/#comments</comments><description><![CDATA[<div align="center"><a href="http://www.pcworld.com/article/id,143962-pg,1/article.html"><img vspace="4" hspace="4" border="1" alt="" 
src="http://www.blogcdn.com/www.engadget.com/media/2008/03/3-29-08-shane-macaulay.jpg" /></a><br /></div>
After a week full of Red Bulls, Fruit by the Foot and dreams of In-N-Out, the mighty Sony VAIO loaded with Linux stood as the only machine unhacked by the end of the <a href="http://www.engadget.com/2008/03/27/pwn-2-own-contest-lets-hackers-choose-vista-os-x-or-linux/">PWN 2 OWN hacking contest</a> at CanSecWest. As you're well aware by now, the MacBook Air on display was <a href="http://www.engadget.com/2008/03/27/pwn-2-own-over-macbook-air-gets-seized-in-2-minutes-flat/">seized in two minutes</a> by the presumably well-prepared Charlie Miller, and after two full days of work, Shane Macaulay and a few of his 1337 associates managed to crack the Vista rig on Friday. Reportedly, Shane and his pals weren't expecting to do battle with the extra-protected SP1 version of Vista, and while the exact loophole won't be divulged, we are told that it was a cross-platform bug that "took advantage of Java to circumvent Vista's security." In the end, it was reported that some folks on hand had discovered bugs in the Linux OS, but many of them "didn't want to put the work into developing the exploit code that would be required to win the contest."<br /><br />[Image courtesy of <a href="http://dvlabs.tippingpoint.com/blog/2008/03/28/pwn-to-own-final-day-and-wrap-up">TippingPoint</a>]<p>Filed under: <a href="http://www.engadget.com/category/laptops/" rel="tag">Laptops</a></p><p style="padding:5px;background:#ddd;border:1px solid #ccc;clear:both;"><a href="http://www.engadget.com/2008/03/29/linux-becomes-only-os-to-escape-pwn-2-own-unscathed/">Linux becomes only OS to escape PWN 2 OWN unscathed</a> originally appeared on <a href="http://www.engadget.com">Engadget</a> on Sat, 29 Mar 2008 14:48:00 EST.  
Please see our <a href="http://www.weblogsinc.com/feed-terms/">terms for use of feeds</a>.</p><h6 style="clear: both; padding: 8px 0 0 0; height: 2px; font-size: 1px; border: 0; margin: 0; padding: 0;"></h6><a href=http://www.pcworld.com/article/id,143962-pg,1/article.html>Read</a>&nbsp;|&nbsp;<a href="http://www.engadget.com/2008/03/29/linux-becomes-only-os-to-escape-pwn-2-own-unscathed/" rel="bookmark" title="Permanent link to this entry">Permalink</a>&nbsp;|&nbsp;<a href="http://www.engadget.com/forward/1152420/" title="Send this entry to a friend via email">Email this</a>&nbsp;|&nbsp;<a href="http://www.engadget.com/2008/03/29/linux-becomes-only-os-to-escape-pwn-2-own-unscathed/#comments" title="View reader comments on this entry">Comments</a>]]></description><category>cansecwest</category><category>hacker</category><category>hacking</category><category>linux</category><category>operating system</category><category>OperatingSystem</category><category>os</category><category>os x</category><category>OsX</category><category>pwn 2 own</category><category>Pwn2Own</category><category>vista</category><dc:creator><![CDATA[Darren Murph]]></dc:creator><pubDate>Sat, 29 Mar 2008 14:48:00 EST</pubDate></item><item><title><![CDATA[PWN 2 OWN over: MacBook Air gets seized in 2 minutes flat]]></title><link>http://www.engadget.com/2008/03/27/pwn-2-own-over-macbook-air-gets-seized-in-2-minutes-flat/</link><guid isPermaLink="true">http://www.engadget.com/2008/03/27/pwn-2-own-over-macbook-air-gets-seized-in-2-minutes-flat/</guid><comments>http://www.engadget.com/2008/03/27/pwn-2-own-over-macbook-air-gets-seized-in-2-minutes-flat/#comments</comments><description><![CDATA[<div align="center"><a href="http://news.yahoo.com/s/infoworld/20080327/tc_infoworld/96676"><img vspace="4" hspace="4" border="0" src="http://www.blogcdn.com/www.engadget.com/media/2008/03/3-27-08-mba_pwned.jpg" alt="" /></a><br /></div>
And just think -- last year you were singing Dino Dai Zovi's praises for taking control of a MacBook Pro in <a href="http://www.engadget.com/2007/04/22/safari-browser-exploit-produced-within-9-hours-in-hacking-compet/">nine whole hours</a>. This year, the <a href="http://www.engadget.com/2008/03/27/pwn-2-own-contest-lets-hackers-choose-vista-os-x-or-linux/">PWN 2 OWN hacking competition</a> at CanSecWest was over nearly as quickly as the second day started, as famed iPhone hacker Charlie Miller showed the MacBook Air on display who its father really was. Apparently Mr. Miller visited a website which contained his exploit code (presumably via a crossover cable connected to a <a href="http://dvlabs.tippingpoint.com/blog/2008/03/27/day-two-of-cansecwest-pwn-to-own---we-have-our-first-official-winner-with-picture">nearby MacBook</a>), which then "allowed him to seize control of the computer, as about 20 onlookers [read: unashamed nerds] cheered him on." Of note, contestants could only use software that came pre-loaded on the OS, so obviously it was <a href="http://www.engadget.com/2007/07/23/safari-exploit-gives-hackers-full-control-of-your-iphone/">Safari</a> that fell victim here. Nevertheless, he was forced to sign a nondisclosure agreement that'll keep him quiet until "TippingPoint can notify the vendor," but at least he'll have $10,000 and a new laptop to cuddle with during his silent spell.<p>Filed under: <a href="http://www.engadget.com/category/laptops/" rel="tag">Laptops</a></p><p style="padding:5px;background:#ddd;border:1px solid #ccc;clear:both;"><a href="http://www.engadget.com/2008/03/27/pwn-2-own-over-macbook-air-gets-seized-in-2-minutes-flat/">PWN 2 OWN over: MacBook Air gets seized in 2 minutes flat</a> originally appeared on <a href="http://www.engadget.com">Engadget</a> on Thu, 27 Mar 2008 17:57:00 EST.  
Please see our <a href="http://www.weblogsinc.com/feed-terms/">terms for use of feeds</a>.</p><h6 style="clear: both; padding: 8px 0 0 0; height: 2px; font-size: 1px; border: 0; margin: 0; padding: 0;"></h6><a href=http://news.yahoo.com/s/infoworld/20080327/tc_infoworld/96676>Read</a>&nbsp;|&nbsp;<a href="http://www.engadget.com/2008/03/27/pwn-2-own-over-macbook-air-gets-seized-in-2-minutes-flat/" rel="bookmark" title="Permanent link to this entry">Permalink</a>&nbsp;|&nbsp;<a href="http://www.engadget.com/forward/1151047/" title="Send this entry to a friend via email">Email this</a>&nbsp;|&nbsp;<a href="http://www.engadget.com/2008/03/27/pwn-2-own-over-macbook-air-gets-seized-in-2-minutes-flat/#comments" title="View reader comments on this entry">Comments</a>]]></description><category>apple</category><category>CanSecWest</category><category>charlie miller</category><category>CharlieMiller</category><category>Dino Dai Zovi</category><category>DinoDaiZovi</category><category>exploit</category><category>hack</category><category>hacker</category><category>linux</category><category>macbook air</category><category>MacbookAir</category><category>operating system</category><category>os</category><category>os x</category><category>OsX</category><category>PWN 2 OWN</category><category>Pwn2Own</category><category>safari</category><category>safari exploit</category><category>SafariExploit</category><category>vista</category><category>windows</category><category>winner</category><dc:creator><![CDATA[Darren Murph]]></dc:creator><pubDate>Thu, 27 Mar 2008 17:57:00 EST</pubDate></item><item><title><![CDATA[Safari browser exploit produced within 9 hours in hacking competition]]></title><link>http://www.engadget.com/2007/04/22/safari-browser-exploit-produced-within-9-hours-in-hacking-compet/</link><guid 
isPermaLink="true">http://www.engadget.com/2007/04/22/safari-browser-exploit-produced-within-9-hours-in-hacking-compet/</guid><comments>http://www.engadget.com/2007/04/22/safari-browser-exploit-produced-within-9-hours-in-hacking-compet/#comments</comments><description><![CDATA[<a href="http://news.com.com/2100-7349_3-6178131.html"><img vspace="4" hspace="4" border="1" align="right" alt="" src="http://www.blogcdn.com/www.engadget.com/media/2007/04/machacker_210x158.jpg" /></a>Shane Macaulay and Dino Dai Zovi, a software engineer and security researcher taking part in the brilliantly named "PWN to Own" Hack-a-Mac contest at the CanSecWest conference in Vancouver, managed to hack into and take control of <a href="http://www.engadget.com/tag/mac">a MacBook</a> by finding <a href="http://www.engadget.com/search/?q=zero%20day%20exploit">a security exploit</a> that takes advantage of an open Safari browser window. Shane and his teammate Dino won the prize of a brand new MacBook -- presumably loaded with Firefox or some other browser variant -- for managing to find the hole on the second and final day of the contest. The hack wasn't exactly a breeze, since the pair admitted to a total of 9 hours in order to find and exploit the weakness. Apple has patched OS X four times over the last year to fix dozens of security issues, and only regurgitated the corporate line when asked for comment on this particular vulnerability. ("Apple takes security very seriously", well duh!) Even with <a href="http://www.engadget.com/2007/03/02/infamous-macbook-wifi-hack-demonstrated-dubious-code-to-go-publ/">the recent arousal of interest</a> in Mac OS security, the world has yet to see any kind of exploit released into the wild world web; when / if one does, we'd probably expect the most damaging exploit to use good ol' social engineering rather than a complicated hack like this. 
Still, Mac users should take some form of satisfaction from knowing that the issue of <a href="http://www.engadget.com/tag/security">Mac security</a> is being investigated, rather than being taken for granted.<p>Filed under: <a href="http://www.engadget.com/category/desktops/" rel="tag">Desktops</a>, <a href="http://www.engadget.com/category/laptops/" rel="tag">Laptops</a></p><p style="padding:5px;background:#ddd;border:1px solid #ccc;clear:both;"><a href="http://www.engadget.com/2007/04/22/safari-browser-exploit-produced-within-9-hours-in-hacking-compet/">Safari browser exploit produced within 9 hours in hacking competition</a> originally appeared on <a href="http://www.engadget.com">Engadget</a> on Sun, 22 Apr 2007 04:35:00 EST.  Please see our <a href="http://www.weblogsinc.com/feed-terms/">terms for use of feeds</a>.</p><h6 style="clear: both; padding: 8px 0 0 0; height: 2px; font-size: 1px; border: 0; margin: 0; padding: 0;"></h6><a href=http://news.com.com/2100-7349_3-6178131.html>Read</a>&nbsp;|&nbsp;<a href="http://www.engadget.com/2007/04/22/safari-browser-exploit-produced-within-9-hours-in-hacking-compet/" rel="bookmark" title="Permanent link to this entry">Permalink</a>&nbsp;|&nbsp;<a href="http://www.engadget.com/forward/879548/" title="Send this entry to a friend via email">Email this</a>&nbsp;|&nbsp;<a href="http://www.engadget.com/2007/04/22/safari-browser-exploit-produced-within-9-hours-in-hacking-compet/#comments" title="View reader comments on this entry">Comments</a>]]></description><category>Apple</category><category>cansecwest</category><category>Hack</category><category>hacked</category><category>Mac</category><category>MacBook</category><category>os x</category><category>OsX</category><category>PWN 2 OWN</category><category>Pwn2Own</category><category>safari</category><category>safari exploit</category><category>SafariExploit</category><category>Security</category><dc:creator><![CDATA[Conrad Quilty-Harper]]></dc:creator><pubDate>Sun, 22 Apr 
2007 04:35:00 EST</pubDate></item></channel></rss>
