AfterDawn: Tech news

IE8, Firefox and Safari all taken down on day one of Pwn2Own

Written by Andre Yoskowitz (Google+) @ 25 Mar 2010 16:47 User comments (18)

IE8, Firefox and Safari all taken down on day one of Pwn2Own At this week's Pwn2Own hacking contest, the iPhone, Safari, Internet Explorer 8 and Firefox browsers were all taken down within minutes.
Vincenzo Iozzo and Ralf-Philipp Weinmann took down the iPhone browser in under five minutes, and left with $15,000 in prize money. Weinmann is most notorious for being part of a team that cracked WEP Wi-Fi security in 2007, faster than was previously recorded.

Charlie Miller of Independent Security Evaluators took down Safari for the third year in a row, leaving with $10,000 in cash as a prize.

The most impressive exploit came from Peter Vreugdenhil who took down IE8 on Windows 7 by "bypassing the operating system's Data Execution Prevention, or DEP, security mechanism, which is designed to stop most attacks." Vreugdenhil earned the same prize as Miller. German student "Nils" took down Firefox on Windows 7 within minutes as well, earning $10k.

TippingPoint, the company that runs the contest, does not divulge the details of the flaws that are used to exploit the browsers but instead purchases the rights to the exploits and then turns it over to the companies behind the browsers.

The only browser remaining unscathed after day one and day two was Google Chrome.

Previous Next  

18 user comments

125.3.2010 16:52

Go Chrome!!!
fanboyish i know but i simply love how fast this thing is ^^

225.3.2010 18:54
Emil
Unverified new user

Google is a class act. Look what they are doing in china to support human rights.

325.3.2010 22:12

How much is the knowledge of a good exploit worth to these major companies? It seems the monetary awards aren't close to the value. Are these truly the best exploits out there? One would think the prize should be something outside the box, a 2 yr. minimum contract working in the security and piracy division of these companies at a decent salary.

426.3.2010 2:21

Originally posted by Run4two:
How much is the knowledge of a good exploit worth to these major companies? It seems the monetary awards aren't close to the value. Are these truly the best exploits out there? One would think the prize should be something outside the box, a 2 yr. minimum contract working in the security and piracy division of these companies at a decent salary.
Well I would say if these guys are cracking IE, firefox, and the iphone they most likely got good enough jobs already but who knows.

526.3.2010 6:32

Originally posted by Josipher:
Go Chrome!!!
fanboyish i know but i simply love how fast this thing is ^^
They are all the same speed on the machines I use. The only difference is add-ons and site compatibility.

626.3.2010 11:25

So we can assume the fastest and finest Windows browser ever -OPERA- wasn't even in the contest. Why not? Couldn't TippingPoint and Pwn2Own even scratch Opera's paintwork? Or was this 'contest' a glorified commercial for Google Chrome?

726.3.2010 16:04

Originally posted by wealldoit:
So we can assume the fastest and finest Windows browser ever -OPERA- wasn't even in the contest. Why not? Couldn't TippingPoint and Pwn2Own even scratch Opera's paintwork? Or was this 'contest' a glorified commercial for Google Chrome?
Well seen as Opera only has a 2% market share they probably didn't think it was worth it.

Good news for Chrome though. I've been using it since the early days and the way it's developed and grown is impressive and a half.

826.3.2010 17:30

The reason why Chrome is taking longer is that it is a new browser. The hackers have far more experience dealing with the other browsers whose architecture has changed very little over the years.

926.3.2010 22:27

please tell me safari was on a macos

1026.3.2010 22:57

Yikes!! I use Opera alot though, and don't see too much of a problem, with just a few exception to Flash though.

1126.3.2010 23:08

Hm, cross-reference this article with this one before you get too carried away about Chrome: http://www.neowin.net/news/safari-firefo...e-left-untested

TL;DR: No one attempted to hack it (Chrome), basically.

Seeing as how there was a time limit they went for browsers they knew they could hack in a reasonable amount of time. Don't get me wrong, Chrome is freaking sweet, but I felt like you guys needed more information.

1227.3.2010 0:50

I'm sure Chrome is crackable...it runs on windows!

I wonder who will buy the exploit rights for taking down FireFox on Win7...

1327.3.2010 14:45

From the Neowin article

Quote:
There are bugs in Chrome but they’re very hard to exploit. I have a Chrome vulnerability right now but I don’t know how to exploit it. It’s really hard. They’ve got that sandbox model that’s hard to get out of. With Chrome, it’s a combination of things — you can’t execute on the heap, the OS protections in Windows and the Sandbox.

1429.3.2010 12:23

Originally posted by ville30:
The reason why Chrome is taking longer is that it is a new browser. The hackers have far more experience dealing with the other browsers whose architecture has changed very little over the years.


That's right. But isn't Opera older than Firefox, Safari and most other browsers, let alone Chrome?
I can only think of IE (1995) and the late great Netscape Navigator (1994) as being slightly older. I'm a little disappointed why it (Opera which first came out in 1996) wasn't involved in this contest..Ah well, no matter...
This message has been edited since its posting. Latest edit was made on 29 Mar 2010 @ 12:34

152.4.2010 1:21

This simply solidifies a well known FACT in all security circles...ALL software is beatable. period.<-(another period)

I worked in the security industry for a long time, and despite what Nix, Mac or any fanboi will scream for all to hear, they're all exploitable. No code is "secure". It's only secure until it's released to the public and then the holes will begin to appear.

I always get a laugh at those who yell "MS needs to write secure code!"..LOL! What...those other OS developers have some "magic" code that nobody else knows of or sumthin?? Or have some secret compiler that instantly recognizes a previously unknown exploit before it's released? Get a clue before making idiotic statements like that (which I'm positive are about to come soon).

162.4.2010 2:15

You determine the source code with the most defects then rewrite the code.

Our software group implemented hundreds of bug fixes and new features but reduced the lines of code in the process. We used static analysis of our source code to find software defects yet to be discovered. We removed source code to support features never released to custommer because project was cancelled while still in engineering. We removed thousands of patches that were never needed because a software engineer did not understand how the microprocessor worked.

174.4.2010 16:42

Originally posted by john_swan:
You determine the source code with the most defects then rewrite the code.

Our software group implemented hundreds of bug fixes and new features but reduced the lines of code in the process. We used static analysis of our source code to find software defects yet to be discovered. We removed source code to support features never released to custommer because project was cancelled while still in engineering. We removed thousands of patches that were never needed because a software engineer did not understand how the microprocessor worked.
And that is exactly what every programmer (group) does, including those at MS. It's still an impossibility to release completely secure code, and you know that to be true if you work(ed) for a s'ware group. Sure there are ways to test the code and eliminate extraneous or wobbly code, but you can never close holes that are yet to be discovered. As long as code is written, it can, and Will be broken.
Also the more complex the code, the more opportunity for exploits to be found, and Win-dOhs is about as complex as it gets. I'm a coder too, and I just can't wrap my brain around just how much work goes into that OS..wow.
No...I just find it funny how much it shows a lack of understanding when people make those types of statements they do against MS for any new exploits that are found. I'm no MS cheerleader about their business model at times, but I (and I know you do too John ;) ) also realize just what the reality of building something so vastly complex as W7 is, and how much they've done to advance computing in general.

Happy Easter!
This message has been edited since its posting. Latest edit was made on 04 Apr 2010 @ 16:43

184.4.2010 17:57

Will someone at MS please tell us why our computers become non-responsive for several minutes at random intervals. Someday can you imagine that your brakes go offline for several minutes while the computer reboots following a software update.

Comments have been disabled for this article.

News archive