Pwnium2
Latest
Google patches SVG and IPC exploits in Chrome, discoverer banks $60,000 in the process
Google revels in hacking contests as ways of testing Chrome's worth. Even if the browser is compromised, the failure provides a shot at fixing an exploit under much safer circumstances than an in-the-wild attack. No better example exists than the results of Google's Pwnium 2 challenge in Malaysia: the company has already patched vulnerabilities found in the contest that surround SVG images and IPC (inter-process communication) before they become real problems. Staying one step ahead of truly malicious hackers carries a price, however. Pwnium 2 winner Pinkie Pie -- yes, Pinkie Pie -- is being paid $60,000 in prize money for catching the exploits. That may be a small price to pay if it reassures a few more Internet Explorer users looking to hop the fence.
Google teases hackers with $2 million in prizes, announces Pwnium 2 exploit competition
The folks in Mountain View are starting to make a habit of getting hacked -- intentionally, that is. Earlier this year, Google hosted an event at the CanSecWest security conference called Pwnium, a competition that challenged aspiring hackers to poke holes in its Chrome browser. El Goog apparently learned so much from the event that it's doing it again -- hosting Pwnium 2 at the Hack in the Box 10th anniversary conference in Malaysia and offering up to $2 million in rewards. Bugging out the browser by exploiting its own code wins the largest award, a cool $60,000. Enlisting the help of a WebKit or Windows kernel bug makes you eligible for a $50,000 reward, and non-Chrome exploits that rely on a bug in Flash or a driver are worth $40,000. Not confident you can break Chrome? Don't let that stop you -- Google plans to reward incomplete exploits as well, noting that it has plenty to learn from unreliable or incomplete attacks. Check out the Chromium Blog at the source link below for the full details.
