TechSpot

IE8 and Safari hacked at Pwn2Own, nobody tries Chrome

By Matthew
Mar 10, 2011
Post New Reply
  1. Hackers successfully compromised Safari and Internet Explorer during the first day of Pwn2Own. The event began yesterday at 3:30PM PT and a group from French security firm Vupen exploited Safari 5 running on a MacBook Air in only five seconds, according to Computerworld. That's despite Apple releasing a last minute patch (v5.0.4) to prevent contestants from using known bugs. In addition to keeping the MacBook Air, the team earned a smooth $15,000 for its accomplishment.

    Read the whole story
     
  2. Win7Dev

    Win7Dev TS Evangelist Posts: 560   +172

    I would think firefox would be compromised rather quickly because it is open source. People can just examine code and then find a snippet that could be used to exploit it. I know that it really isn't that easy to do, but I'm sure the developers of it could come up with at least one loop hole somewhere.
     
  3. That's also the power of open source the group at the head of the distrbution or a concerned users, see's it, submits the bug and it gets fixed very fast.
     
  4. princeton

    princeton TS Addict Posts: 1,677

    Since firefox is a browser that many hackers use the hackers report bugs they find instead of exploiting them.
     
  5. woohoo chrome for the win
     
  6. Rick

    Rick TechSpot Staff Posts: 4,573   +65

    No one tried last year either....
     
  7. mario

    mario Ex-TS Developer Posts: 399   +17

    @Win7Dev Well almost every browser is open source or a good part of it, Chrome and Safari use the open-source Webkit rendering engine, Chrome's chrome (UI) and its javascript interpreter is also open, Firefox is open from head to toes, the only private ones are Opera and IE.

    Chrome is the toughest to crack because it runs every tab in its own sandbox making it very difficult for exploits to run arbitrary code. Webkit2, the next version of webkit, will have this functionality built-in, it's supposed to be implemented in Safari with OS X Lion.
     
  8. NeoFryBoy

    NeoFryBoy TS Rookie Posts: 72

    I wouldn't call that winning. That's like sitting in a dunk tank and no one wants to throw the ball. Disappointing for everyone.
     
  9. Jurassic4096

    Jurassic4096 Banned Posts: 155

    very poor analogy... but if you find a standard dunk tank that pays $20,000 for hitting it, i'm in.
     
  10. aj_the_kidd

    aj_the_kidd TS Rookie Posts: 555

    Umm, Google challenged people to hack them and no one "throw the ball", its a good analogy if you ask me. Poor chrome least you didn't get "wet"
     
  11. I'll be very curious to see if anyone can hack Opera. It may have a lower share of the browser market, but it is hands down the best browser I have ever used. There is something fishy about no-one even attempting to hack Chrome. Plus, I would never use a browser or any other software or hardware that is sponsored by a company who's primary business is collecting data.
     
  12. princeton

    princeton TS Addict Posts: 1,677

    I'd call it a bad analogy because if I was in a dunk tank I wouldn't be disappointed if nobody dunked me :p
     
  13. matrix86

    matrix86 TS Guru Posts: 812   +26

    I'm with aj on this one. Chrome would win if someone tried and didn't succeed. You can't call something uncrackable when nobody tries to crack it. Intimidation is no excuse. Somebody who knows what they're doing needs to grow a pair and have it. They all seem to be taking the easy way out. They know Firefox, IE, and Safari can be cracked, so they go with it. But Chrome is tight is would take a lot more work. What would you rather go for? A browser that you have a good chance at cracking and winning the prize money? Or a browser that's hard to crack, causing you to not get any prize money?
    Although considering it's been untouched for the past 2 years, there should be no excuse for this. Someone at least try it!
     
  14. aj_the_kidd

    aj_the_kidd TS Rookie Posts: 555

    Yeah I thought hackers were all about notoriety. I'd want to be part of team which hacked Chrome and told Google to "Sit down, be quiet, cause I just hacked your browser *****, now give me that money" :)
     
  15. bonniesmith

    bonniesmith TS Rookie Posts: 40

    Chrome might not be that easy to hack, Google guys were giving out $150,000 per exploit found...
     
  16. aj_the_kidd

    aj_the_kidd TS Rookie Posts: 555

    I think you mean that Google have given out $100,000 in rewards but if not please provide a source. Seems a little unlikely that they would be rewarding people $150,000 for each exploit found
     
  17. Rick

    Rick TechSpot Staff Posts: 4,573   +65

    They were offering $1337 USD per exploit found... a funny figure.
     
  18. ansh1993

    ansh1993 TS Enthusiast Posts: 93

    Yes , chrome is the best . But , that's very surprising that Safari was hacked in less than 5 seconds .
     
  19. yukka

    yukka TechSpot Paladin Posts: 828   +54

  20. matrix86

    matrix86 TS Guru Posts: 812   +26

    Is it sad that as soon as I saw him post that figure, I knew exactly what it meant? lol
     
  21. opera ftw!
     
  22. Lokalaskurar

    Lokalaskurar TS Enthusiast Posts: 544

    Is Chrome really that secure? Wow. Non-cracked system for two years straight now.
     
  23. T77

    T77 TS Enthusiast Posts: 300   +6

    No opera??!
     

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...