Google Chrome breached at Pwn2Own and Pwnium

By Jos · 14 replies
Mar 8, 2012
Post New Reply
  1. Ending a three-year streak coming out unharmed at organized hacking challenges, Google's Chrome browser was breached at "Pwn2Own" and the company's own "Pwnium" event yesterday, both of which are running…

    Read the whole story

    3DCGMODELER TS Enthusiast Posts: 307   +18

    If they Smart, They would Hire the Hackers...
  3. Lurker101

    Lurker101 TS Evangelist Posts: 820   +345

    This sounds like a big win for Google.
  4. "The exploit leveraged two bugs, one to bypass DEP (data execution prevention)"

    I'm confused here. Does Chrome have the ability to bypass DEP by itself??
  5. Why hire them? This is so much cheaper for Google.
  6. anguis

    anguis TS Enthusiast Posts: 85   +12

    Firefox 3 on Windows XP...why so old?
  7. lipe123

    lipe123 TS Evangelist Posts: 719   +236

    Meanwhile in the real world the #1 threat is the giant banner at the top that goes "Congratulations you won *insert gigantic BS prize here*, click here and accept the agreement!!!" or "You qualified to win an iPad3! click continue on the next screen to claim your prize"

    Instead of targeting these high level exploits that only occur in very controlled environments and almost never under normal circumstances they should set up a prize reward for every site that has a misleading banner that results in a malware installation.
  8. Because Windows XP still has more market share then any other Windows OS.
  9. The company said it will sell the rights to one of the zero-day vulnerabilities but it won’t give up the sandbox escape: "We are keeping that private, keeping it for our customers."

    Would those customers be a number of three letter acronyms? And maybe a few internet frauds just to add some color to the mix?
    This is one of those companies that deserves getting sued.
  10. After discovering the browser Maxthon, Chrome is pretty much history in my book. It is amazing how little appreciation Maxthon receives; best browser I have ever tried.
  11. I hope the student who got the $60,000 used the same exploit of the sandbox, making their discovery useless or at least less valuable. Even if it was not the same, Google now knows that it exists and will probably find it themselves.
  12. It does not appear Maxthon has downloads for iOS or Linux. Too bad, it looks pretty nice.
  13. SNGX1275

    SNGX1275 TS Forces Special Posts: 10,742   +422

    Probably didn't help that its history began with IE.

    I know how you feel though, I'm an Opera user. It gets only slightly more attention than Maxthon. Nearly all benchmarks include: IE, FF, Chrome. IE is probably only included now in benchmarks 'for the lulz'.
  14. PinothyJ

    PinothyJ TS Guru Posts: 460   +22

    I do not even need to comment on this lovely piece of insight ^^…
  15. jester376

    jester376 TS Booster Posts: 55

    You know there's no doubt in my mind that they do hire these guys. On the Pwnium Constest, however, they probably wont hire the Russian student since he is still attending college. However, I am willing to bet that they are gonna offer him a Part-Time or Full-Time Internship.

Similar Topics

Add your comment to this article

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...