Hackers are regularly the reason behind any unplanned activities on our computers. We’ve all had our fair share of viruses, malware, worms, trojans and rootkits. Not to mention the host of other infections we’ve had that we never knew about and may well still be lurking on your old PC downstairs in the basement.
Well this year at the Pwn2Own contest held at the CanSecWest security conference in Vancouver, starting on March 24th 2010, hackers will be fighting against each other for a change, not to steal each others credit card numbers or log in details. But instead to see who can break into computers running Windows 7, Windows Vista, Windows XP and Mac OS X Snow Leopard via browser-related security holes.
But not only will they be trying to break into your desktops, but now the event organisers, Pwn2Own have added a new mobile phone platform category, including the iPhone 3GS and Blackberry’s. The main sponsor of the Pwn2Own contest, TippingPoint Zero Day Initiative (ZDI) is offering no less than $100,000 in prizes to the hackers who manage to break into the respective browsers and devices.
In keeping with tradition the first portion of the event will attempt to bring to light the current security posture of market-leading web browser and operating system pairings. The multifaceted web browser continues to occupy a critical presence on the client-side attack surface
Said researcher Araon Portnoy from Tippingpoint’s security group.
The second portion of Pwn2Own 2010 offers bounties for vulnerabilities affecting mobile phones. The increased presence and capabilities of smart phones has brought with it the same security issues and attention traditionally reserved for non hand-held platforms
The hacking contest will last for 3 days, where hackers will have a chance to break into the most popular operating systems including Windows 7, Windows Vista and XP, not to mention Snow Leopard OSX using the 4 most popular browsers. Google Chrome, Internet Explorer, Safari, Firefox. There is $40,000 reserved in prizes for browser hacks alone.
In Day 1, hackers will attempt to hack Internet Explorer 8 on Windows 7, Firefox 3 on Windows 7, Google Chrome 4 on Windows 7 and Apple Safari 4 on MacOS X Snow Leopard. Day 2 will have hackers target IE7 on Windows Vista, Firefox 3 on Windows Vista, Google Chrome 4 on Windows Vista and Apple Safari 4 on MacOS X Snow Leopard. In day 3, the following browsers will serve as targets for attacks: IE7 on Windows XP, Firefox 3 on Windows XP, Google Chrome 4 on Windows XP and Apple Safari 4 on MacOS X Snow Leopard.
“$60,000 of the total $100,000 cash prize pool is allotted to the mobile phone portion of the contest, each target is worth $15,000. A successful hack on these targets must result in code execution with little to no user-interaction. Expect updates on the rules as the contest approaches. The current target list is as follows: Apple iPhone 3GS, RIM Blackberry Bold 9700, a Nokia device running Symbian S60 (likely the E62), a Motorola phone running Android (likely the Droid),”
So this must be what the hackers are training for all year, but please guys, stop practicing on me and I think some of our fellow readers would prefer if you left them in peace as well!
Source:
