AfterDawn: Tech news
AfterDawn > News > Google: $1 million says you can't exploit Chrome

Google: $1 million says you can't exploit Chrome

Written by Andre Yoskowitz @ 28 Feb 2012 2:17 User comments (3)

Google: $1 million says you can't exploit Chrome Google has put $1 million on the line if security researchers or hackers can exploit their popular Chrome browser.
The company has also pulled out of the annual Pwn2Own contest, where they were regular sponsors. Google says there were changes in the rules by contest organizer Zero Day Initiative (ZDI) which they did not approve of: "We decided to withdraw our sponsorship when we discovered that contestants are permitted to enter Pwn2Own without having to reveal full exploits, or even all of the bugs used, to vendors. Full exploits have been handed over in previous years, but it's an explicit non-requirement in this year's contest, and that's worrisome."

Chrome is a "sandboxed" system which normally means any hack of the browser requires multiple exploits, and Chrome has remained untouched for years while other browsers like Internet Explorer, Firefox and Safari normally last just a few hours during the contest.



For the new $1 million prize, hackers will need to perform a "full Chrome exploit" which exploits Chrome on Windows 7 using only vulnerabilities in Chrome itself. That alone will bring $60,000 and every other partial exploit that uses one bug will earn $40,000. Additionally, Google will pay $20,000 for "consolation" exploits that "hack Chrome without using any vulnerabilities in the browser itself."

Concludes Google: "We will issue multiple rewards per category, up to the $1 million limit, on a first-come-first served basis."

Tags: Chrome hack Exploits Pwn2Own
<Yahoo threatens Facebook over IP licensing >IBM laying off 1000 workers
Previous Next  

3 user comments

128.2.2012 14:31
LordRuss
Send private message to this user
Senior Member

Anonymous, be careful! Ploy like this will draw out malfeasance & criminals like lottery ticket winners to warrant decree stings.

Not to mention... Didn't that poor 26 year old bastard get arrested & thrown in the hoosegow for just such an event not too long ago? Granted, he was throwing his own contest entry with Facebook, but similar security features were being tested I can assume. Sans the incriminating personal info obtained as well too; I mean if we're gong to be splitting hairs...

229.2.2012 18:35
i1der
Send private message to this user
Member

what i'm very confused with your comment, you saying offering a reward for hacking it and showing how was done? i like these contest.

31.3.2012 12:53
LordRuss
Send private message to this user
Senior Member

Originally posted by i1der:
 what i'm very confused with your comment, you saying offering a reward for hacking it and showing how was done? i like these contest.
I can see how you'd be confused. Anonymous is with regards to the international hacking group. Being overly mental ambitious & typing 'out loud', I figured I would foreshadow a warning that a group (or groups) of such magnitude might want to shy away from such things. Contests like these "could" also be used as sting operations to catch "would be" or potential criminals. That was what I was prattling on about.

The 26 year old was in this story LINK & is pretty much self explanatory as well.

As for the contests as a whole, sure, I like them as well. What better way to get rid of all your internal 'yes' men & get folks to burrow through your security crap in order to get it fixed the fastest & cheapest.

Comments have been disabled for this article.

Latest news

VLC hits milestone: over 5 billion downloads VLC hits milestone: over 5 billion downloads (16 Mar 2024 4:31)
VLC Media Player, the versatile video-software powerhouse, has achieved a remarkable feat: it has been downloaded over 5 billion times.
2 user comments
Sideloading apps to Android gets easier, as Google settles its lawsuit Sideloading apps to Android gets easier, as Google settles its lawsuit (19 Dec 2023 11:09)
Google settled its lawsuit in September 2023, and one of the settlement terms was that the way applications are installed on Android from outside the Google Play Store must become simpler. In the future, installing APK files will be easier.
8 user comments
Roomba Combo j7+ review - Clever trick allows robot vacuum finally to tackle home with rugs and carpets Roomba Combo j7+ review - Clever trick allows robot vacuum finally to tackle home with rugs and carpets (06 Jun 2023 9:19)
Roomba Combo j7+ is the very first Roomba model to combine robot vacuum with mopping features. And Roomba Combo j7+ does all that with a very clever trick, which tackles the problem with mopping and carpets. But is it any good? We found out.
Neato, the robot vacuum company, ends its operations Neato, the robot vacuum company, ends its operations (02 May 2023 3:38)
Neato Robotics has ceased its operations. American robot vacuum pioneer founded in 2005 has finally called it quits and company will cease its operations and sales. Only a skeleton crew will remain who will keep the servers running until 2028.
5 user comments
How to Send Messages to Yourself on WhatsApp How to Send Messages to Yourself on WhatsApp (20 Mar 2023 1:25)
The world's most popular messaging platform, Meta-owned WhatsApp has enabled sending messages to yourself. While at first, this might seem like an odd feature, it can be very useful in a lot of situations. ....
18 user comments

Reviews

Roomba Combo j7+ review - Clever trick allows robot vacuum finally to tackle home with rugs and carpets Roomba Combo j7+ review - Clever trick allows robot vacuum finally to tackle home with rugs and carpets
Roomba Combo j7+ is the very first Roomba model to combine robot vacuum with mopping features. And Roomba Combo j7+ does all that with a very clever trick, which tackles the problem with mopping and carpets. But is it any good? We found out.
Review: Samsung Jet Bot 90 AI+ - a high-end robot vacuum cleaner Review: Samsung Jet Bot 90 AI+ - a high-end robot vacuum cleaner
Samsung's Jet Bot 90 AI+ is a top-class robot vacuum cleaner that can avoid obstacles and empty its own dust container. Here we review the product.
1 user comment
Samsung Jet Bot 80+ review - excellent robot vacuum cleaner Samsung Jet Bot 80+ review - excellent robot vacuum cleaner
We review Samsung's Jet Bot 80+ robot vacuum cleaner over a period of three months.
1 user comment

Guides

HOWTO: Install Netflix App on rooted Android device HOWTO: Install Netflix App on rooted Android device
'This app is no longer compatible with your device. Contact the developers for more info.' If you are getting this message from Google Play when trying to install Netflix, then maybe this little guide can help you.
HOWTO: Boot Android device into Safe Mode HOWTO: Boot Android device into Safe Mode
Are you having trouble with your Android device? If you find that your device has become sluggish, is freezing, takes too long to boot or any of a host of other performance concerns, you may want to boot into Safe Mode.
GUIDE: Wi-Fi speeds are slow? Here are some tips GUIDE: Wi-Fi speeds are slow? Here are some tips
Having problems with Wi-Fi speed and stability at home? Here are some tips to follow to alleviate the issues.
1 user comment
What IP rating for dust and water resistance means What IP rating for dust and water resistance means
An IP classification (such as IP68) is given to mobile phones, Bluetooth speakers, and other devices, but what do these classifications mean?
1 user comment
Guide: Phone battery drains quickly - how to fix (iPhone / Android) Guide: Phone battery drains quickly - how to fix (iPhone / Android)
In this guide, we go through the most typical reasons for rapid battery drain with phones, and look at potential reasons or solutions.

News archive

Sections:

Follow us:

© 1999-2024 AfterDawn Oy. All rights reserved
Back to Top ⇧
AfterDawn is powered by Powered by UpCloud