The Pwn2Own contest, reported earlier by SecurityProNews, has taken place this week and two web browsers have already fallen.According to a ComputerWorld report, Apple's Safari fell to a french security company, the hack only took five seconds to implement.The team which hacked Safari was able to walk home with a $15,000 cash prize and the MacBook Air they performed the hack on. What makes the hack impressive is Apple released asecurity update for the browser which fixed 64 security flaws.
While the Safari hack was done quickly, many have been greatly impressed by the Internet Explorer exploit. Instead of a company, the IE8 hack was developed by a single person, Stephen Fewer. He's an independent researcher who caught the eye of Aaron Portnoy, one of the TippingPoint's team, the group who put the Pwn2Own contest together.
Fewer had to use a few vulnerabilities to successfully hack IE8 on Windows 7. Here's what Portnoy said of the hack, "The most impressive so far" he continues, "He used three vulnerabilities to [not only] bypass ASLR and DEP, but also escape Protected Mode. That's something we've not seen at Pwn2Own before."
While Safari and IE8 have been hacked, Chrome has remained safe. No one has attempted to hack the browser, so their $20,000 prize is safe. The purse was only available to those who hacked the browser on the first day of the content. If anyone is able to successfully hack the browser now or later on, they will receive $10,000 from Google and $10,000 more from TippingPoint.
Pwn2Own has two more days before all is said and done, which will see hackers make their attempts at Mozilla Firefox, and the four smartphone operating systems: Apple iOS, Google Android, Microsoft Windows 7, and RIM' Blackberry.
netizens left a footprint.