Amazon Echo Show falls victim to an old flaw at hacking contest

The latest iteration of the Pwn2Own hacking contest just underscored an all-too-common flaw with smart home devices. The security research team Fluoroacetate hacked into an Amazon Echo Show 5 by taking advantage of its "patch gap" -- that is, its us...

Chrome OS fends off all hacks at Pwnium 3, others fall at Pwn2Own

Chrome OS fends off all hacks at Pwnium 3

Google's Pwnium challenge followed a familiar pattern in its first two years, with white hat hackers invariably finding a Chrome vulnerability and prompting a round of patches that ultimately made the software stronger. For the Chrome OS-focused Pwnium 3, there's been a slight hiccup: there were no hacks to patch. Despite Google offering a total of $3.14159 million in bounties, entrants couldn't demonstrate a working exploit on the Series 5 550 target machine. That may be a testament to Google's steady security improvements, but it doesn't help discover what holes are left. We'd add that few were left unscathed at the Pwn2Own competition running in tandem -- the regular Chrome browser, Firefox and Internet Explorer all came tumbling down, and Safari may have escaped only because contestants didn't register in advance. Even so, the Chrome OS results may have Chromebook Pixel owners feeling better about their purchases.

Filed under: , , , ,

Comments

Source: Geek.com, eSecurity Planet

Google teases hackers with $2 million in prizes, announces Pwnium 2 exploit competition

Google teases hackers with $2 million in prizes, announces Pwnium 2 exploit competitionThe folks in Mountain View are starting to make a habit of getting hacked -- intentionally, that is. Earlier this year, Google hosted an event at the CanSecWest security conference called Pwnium, a competition that challenged aspiring hackers to poke holes in its Chrome browser. El Goog apparently learned so much from the event that it's doing it again -- hosting Pwnium 2 at the Hack in the Box 10th anniversary conference in Malaysia and offering up to $2 million in rewards. Bugging out the browser by exploiting its own code wins the largest award, a cool $60,000. Enlisting the help of a WebKit or Windows kernel bug makes you eligible for a $50,000 reward, and non-Chrome exploits that rely on a bug in Flash or a driver are worth $40,000. Not confident you can break Chrome? Don't let that stop you -- Google plans to reward incomplete exploits as well, noting that it has plenty to learn from unreliable or incomplete attacks. Check out the Chromium Blog at the source link below for the full details.

Filed under: ,

Google teases hackers with $2 million in prizes, announces Pwnium 2 exploit competition originally appeared on Engadget on Thu, 16 Aug 2012 11:12:00 EDT. Please see our terms for use of feeds.

Permalink   |  sourceGoogle  | Email this | Comments