Google Offers $1 million for Chrome Hack
Google Offers $1 million for Chrome Hack
Written by Kay Ewbank   
Tuesday, 28 February 2012

Due to the change in rules for this year's Pwn2Own competition, Google is offering its own prizes for a Chrome Hack in its Pwnium contest. $1 million says you can't hack Chrome.

Anyone who can demonstrate a successful hack of Google’s Chrome browser at next week's CanSecWest security conference will be awarded a prize of up to $60,000.

There are also prizes of $40,000 and $20,000 depending on the severity of the exploit. The test, titled Pwnium, will be to hack the browser running on Windows 7 machines at the conference.

 

chromeIcon

 

According the Chromium blog there will be multiple rewards per category, up to the $1 million limit, on a first-come-first served basis. The rules are that each set of exploit bugs should be reliable, fully functional end to end, disjoint, of critical impact, present in the latest versions and genuinely “0-day,”, i.e. not known to Google or previously shared with third parties.

The conference organizers are running the Pwn2Own competition as in previous years, with $105,000 USD donated by Hewlett-Packard to be shared amongst three winners, but Google is uneasy about sponsoring this year's contest because the rules don’t specifically state that full details of exploits should be shown to the competition organizers.

The blog post says:

“Originally, our plan was to sponsor as part of this year’s Pwn2Own competition. Unfortunately, we decided to withdraw our sponsorship when we discovered that contestants are permitted to enter Pwn2Own without having to reveal full exploits (or even all of the bugs used!) to vendors. Full exploits have been handed over in previous years, but it’s an explicit non-requirement in this year’s contest, and that’s worrisome.”

Chrome has never been hacked in the Pwn2Own competition. As we reported last year Internet Explorer and Safari were both hacked but in fact no-one attempted to hack Chrome, which left it unhacked for for the third year in a row. Despite an additional $20,000 bounty on offer from Google the individual challenger who had registered to hack Chrome was a no-show and a team that has intended to exploit Chrome targeted the BlackBerry instead. The reason given by potential contestants for this is that Google’s security sandbox is just too hard to get through. Perhaps a million dollars will be enough of a lure to change this situation.

More Information

Pwnium: rewards for exploits

CanSecWest Vancouver 2012

New PWN2OWN Rules

Pwn2Own 2012

Related Articles

Chrome Safe in Pwn2Own 2011 Contest

Google offers $20,000 for a Chrome Hack

 

blog comments powered by Disqus

 

To be informed about new articles on I Programmer, subscribe to the RSS feed, follow us on Google+, Twitter, Linkedin or Facebook or sign up for our weekly newsletter.

 

Banner


Stanford Algorithm MOOCs Relaunched
08/08/2016

Both of Tim Roughgarden's classic computer science MOOCs that had repeatedly run on Cousera's original platform and been consistently well received by students have relaunched today on the new pl [ ... ]



One App For 1000+ Dancing Robots To Take World Record
14/08/2016

Over a 1000 sub-knee-high robots controlled by a single mobile phone have danced their way to a Guinness World Record in Qingdao, China, The mystery is where are they now and how can we buy them?


More News


Last Updated ( Thursday, 08 March 2012 )
 
 

   
RSS feed of news items only
I Programmer News
Copyright © 2016 i-programmer.info. All Rights Reserved.
Joomla! is Free Software released under the GNU/GPL License.