Google bets $20K that Chrome can't be hacked

By Nomad_
in Back Page News

 Share

Recommended Posts

Experienced

Nomad_

Posted
Posted

http://www.computerworld.com/s/article/9207939/Google_bets_20K_that_Chrome_can_t_be_hacked?taxonomyId=15

Google will pay $20,000 to the first researcher who successfully exploits its Chrome browser at this year's Pwn2Own hacking contest.

The award is the largest ever for the annual challenge, which will kick off for the fifth time at the CanSecWest security conference in Vancouver, British Columbia, on March 9.

At this year's Pwn2Own, researchers will pit exploits against machines running Windows 7 or Mac OS X as they try to bring down Microsoft's Internet Explorer, Mozilla's Firefox, Apple's Safari and Chrome.

The first researchers to hack IE, Firefox and Safari will receive $15,000 and the machine running the browser. The prizes are $5,000 more than those given for exploiting browsers at the last Pwn2Own contest, and three times more than the 2009 awards.

"We've upped the ante this time around and the total cash pool allotted for prizes has risen to a whopping $125,000," said Aaron Portnoy, the manager of HP TippingPoint's security research team.

Grand Master

Nagisan

Posted
Posted

Someones feeling confident. But Google have worked there assess off on Chrome! We will see :D

I would actually say Google is willing to pay $20k to whoever can expose bugs in Chrome, I don't think they are confident that it can't be done, I think rather, they are willing to pay for someone to expose the bugs it does have that they haven't found.

Grand Master

Rudy

Posted
Posted

I would actually say Google is willing to pay $20k to whoever can expose bugs in Chrome, I don't think they are confident that it can't be done, I think rather, they are willing to pay for someone to expose the bugs it does have that they haven't found.

That's pretty much what I was going to post lol

Enthusiast

HeroDavies

Posted
Posted

I would actually say Google is willing to pay $20k to whoever can expose bugs in Chrome, I don't think they are confident that it can't be done, I think rather, they are willing to pay for someone to expose the bugs it does have that they haven't found.

Isn't that the point of the contest in the first place? Meaning Google wouldn't have to put any money down at all if they weren't feeling confident.

Grand Master

Nagisan

Posted
Posted

Isn't that the point of the contest in the first place? Meaning Google wouldn't have to put any money down at all if they weren't feeling confident.

$20k is relatively cheap for Google, they are most likely using it as enticement to any potential attempts. It's like putting money down on any contest, you can watch it without putting any down, but I doubt the contest participants will refuse any more money than they have already been told they are getting.

Google putting money down on the contest will mean more people will attempt to hack Chrome, which means more exploits will be found than if they had not put any money down.

Experienced

grik

Posted
Posted

Its a Win Win situation for Google.

I like this aproach rewarding testing efforts, its the way it should be. If they find a hack Chrome will be safer, if they dont find Chrome will be majorly adopted by the Geek?s and spreading the Word on the high skilled programers.

Im impressed google, good job.

Mentor

iuerg87yerg879e0rg9erugjer

Posted
Posted

so what do they have to hack in the browser to get the $20,000? because chrome is open source so hacking an open source program would make no sense for a competition though IE and firefox hacking comp sounds more like it...

Grand Master

still1

Posted
Posted

so what do they have to hack to get the $20,000? because chrome is open source...

Find a way to install virus or make it run remote code on the target PC.

You need to do this with the officially compiled chrome browser.

Edit: Say your edit Firefox is open source too.

Grand Master

+Xinok Subscriber²

Posted
  • Subscriber²
Posted

The most difficult part of exploiting Chrome is the sandbox. I remember one of the participants last year was able to find exploits in the browser, but was unable to bypass the sandbox.

Veteran

xXTOKERXx

Posted
Posted

Very interesting, but at what stage do they consider it hacked?

When you can capture details, when the browser is hijacked etc?

Also giving people time to start working their magic now ready for the "on the day" test?

Seems pretty interesting, wish I knew more about the components of browsers!

Grand Master

Malisk

Posted
Posted

Not surprised, given that it resides in a sandbox, even in Windows XP which doesn't support sandboxing natively.

That was the point when Google went "OK, so we'll make our own" unlike certain other companies. ;)

Grand Master

Alladaskill17

Posted
Posted

I would actually say Google is willing to pay $20k to whoever can expose bugs in Chrome, I don't think they are confident that it can't be done, I think rather, they are willing to pay for someone to expose the bugs it does have that they haven't found.

This.

Grand Master

MrA

Posted
Posted

I would actually say Google is willing to pay $20k to whoever can expose bugs in Chrome, I don't think they are confident that it can't be done, I think rather, they are willing to pay for someone to expose the bugs it does have that they haven't found.

There's a secondary benefit in that competitions like this bring out people that you might extend a job offer to. Google's hiring, and it's hard to find good people.

This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.

  • Posts

    • Amazon Greenlights A New "Stargate" Series

      By Som · Posted

      https://www.change.org/p/save-the-new-stargate-series-let-martin-gero-build-the-future-of-the-franchise?utm_source=share_petition&utm_medium=mobileNativeShare&utm_campaign=share_petition&recruited_by_id=376d0b10-cf3c-11e7-a513-03b837c94000&recruiter=836653795&share_id=jVyr5PGfkN Petition for anyone who's interested 
    • Here's how to watch Summer Game Fest 2026 and what to expect from the 2-hour showcase

      By LoneWolfSL · Posted

      Here's how to watch Summer Game Fest 2026 and what to expect from the 2-hour showcase by Pulasthi Ariyasinghe The June game showcase schedule is packed, and with the Sony event already behind us, it's time for the next major presentation to come in swinging. Later today, Geoff Keighley will be bringing the 2026 edition of Summer Game Fest live from the Dolby Theatre in Los Angeles, California. For anyone wanting to tune in online, the Summer Game Fest showcase livestream will be kicking off at 2 PM PT | 5 PM ET | 10 PM BST later today, June 5. The jam-packed show is slated to run for about two hours, with platforms like YouTube (4K at 60FPS), Twitch, Facebook, or X being available for catching it. Like in previous years, separate streams featuring American Sign Language and Descriptive Audio are available on YouTube as well. Keighley has only dropped a few teasers about what gaming fans can expect to see at the show. This includes a new look at Star Wars Zero Company from EA, a major announcement from Guild Wars developer ArenaNet, more Clutch gameplay, and some sort of Sega presence. As for fan expectations, there is hype building about a Final Fantasy 7 Remake Part 3 reveal here, and we might see new details about announced games like Alien Isolation 2 as well. If you want even more games, keep in mind that right after the main kickoff event, the Day of the Devs showcase will begin its own festivities at 4 pm PT | 7 pm ET. This is focused entirely on upcoming indie games. Following this, the next major games showcase is slated to happen on June 7. Here, Microsoft is bringing the big guns with its Xbox Games Showcase and Gears of War E-Day Direct. Check out the full calendar for all of the June events over here.
    • Ladybird Browser is no longer accepting outside contributions thanks to AI

      By Reancarnation_X · Posted

      AI is destroying jobs like nothing before
    • Microsoft is making Windows 11's context menus faster, simpler, and configurable

      By +samw61 · Posted

      I think the car analogy is more this: Left hand drive, basic commands on the left side of the infotainment screen. Right hand drive, basic commands on the right side of the infotainment screen. Granted, you're not swapping between the two often so it's doesn't really work. But it's to do with the proximity of you (your mouse, or the driver) to the controls.
    • Microsoft is making Windows 11's context menus faster, simpler, and configurable

      By +samw61 · Posted

      I mean, the old one was broken and so stupidly complex for many users, so I don't see that as a feasible option. A context menu needs to be simple to use, and for me the Windows 11 style actually worked really well for me, and many others. I used to have to scroll the damn context menu just to get to "file properties" in Windows 10. That was not a good experience, and I'm sure you'd agree. What they're trying to do is make it the best of both worlds, as clearly you'd prefer the Win10 style. I'm curious how they're going to do this.

  • Recent Achievements

    • Conversation Starter
      FBSPL earned a badge
      Conversation Starter
    • Week One Done
      I2D earned a badge
      Week One Done
    • Week One Done
      Dr Jared Dental Studio earned a badge
      Week One Done
    • Week One Done
      RG INVESTMENT GROUP earned a badge
      Week One Done
    • Very Popular
      The Norwegian Drone Pilot earned a badge
      Very Popular

  • Popular Contributors

    1. 1
      +primortal
      487
    2. 2
      PsYcHoKiLLa
      263
    3. 3
      Skyfrog
      86
    4. 4
      FloatingFatMan
      64
    5. 5
      Michael Scrip
      63
    Show More

  • Tell a friend

    Love Neowin? Tell a friend!