News & Information for Technology Purchasers NewsFactor Sites:     Enterprise Security Today     CRM Daily     Business Report     Sci-Tech Today  
This ad will display for the next 20 seconds. Please click for more information, or scroll down to pass the ad, or Close Ad.
Home Enterprise I.T. Cloud Computing Applications Hardware More Topics...
Linux/Open Source
Real-time info services with Neustar
Average Rating:
Rate this article:  
Chrome Shines in Hacker Contest
Chrome Shines in Hacker Contest

By Adam Dickter
March 10, 2011 3:33PM

    Bookmark and Share
"Google has done some good things with Chrome over the past two years. When it first came out, its security was rocky, but they've rapidly gotten better," said cybersecurity expert Ed Skoudis. "I think Apple has been lulled into complacency with Safari." Indeed, Apple's Safari fell in a mere five seconds at the hands of Pwn2Own hackers.

Google's investment in security experts to find weaknesses in its Chrome browser has apparently reaped dividends at a prominent hacking contest.

Mozilla's Firefox also survived the Pwn2Own contest unscathed. Both companies sent out updates in recent weeks and offered cash prizes for anyone who found bugs, with Mountain View, Calif.-Google reportedly shelling out $14,000 for the tips.

The fifth annual contest coincides with the CanSecWest security conference held by HP TippingPoint and challenges security experts to take on patched versions of the latest browsers and operating systems for both desktop and mobile computers (with codes "frozen" two weeks earlier).

A Threepeat

It is the third straight year that Google's Chrome has gone unhacked at the event and this year the search giant offered $10,000 -- in addition to the contest prize cash and the computer used in the contest -- to the first team to discover a weakness. Although two teams registered to do so, one didn't show up and the other reportedly decided to attack Research in Motion's BlackBerry software instead.

Among the losers were Microsoft 's Internet Explorer 8, which was found to have three unpatched vulnerabilities by a British independent researcher, Stephen Fewer, ComputerWorld reported. Fewer said he spent six weeks developing an attack on Explorer's sandbox, which is designed to keep malicious code out.

Apple's Safari, just updated for bugs, also fell, in a mere five seconds to a French team who exploited a weakness in the open-source browser rendering engine, Webkit, according to ZDNet, which said the team from the testing firm Vupen won $15,000 and an Apple MacBook Air.

The hackers attacked the browsers one at a time, rather than go head to head to see which fell first.

"Looks like Google scared off the hackers with its security updates," said Ed Skoudis, an instructor at the SANS cybersecurity institute in Bethesda, Md.

According to a report in The Guardian, an attempt to hack Google's Android mobile operating system was canceled after Google patched the hole he had planned to exploit.

Easy Pickings

Skoudis said Explorer and Safari were seen as the "easy pickings" in the contest.

"Google has done some good things with Chrome over the past two years," he said. "When it first came out, its security was rocky, but they've rapidly gotten better. I think Apple has been lulled into complacency with Safari, given that its low market share means that attackers don't spread exploits for it as often as for other browsers. I believe strongly that it is more vulnerable, but less exploited.

But that may not last long.

"As its market share increases, especially with mobile Safari on iPhones and iPads) I think that equation will turn against Apple," said Skoudis. "They will have to get much more serious about security."

Tell Us What You Think



Posted: 2011-03-11 @ 5:12pm PT
I'm not sure about this title. It's pretty biased, especially for an article posted on the first day of the event.

"Chrome collects dust in corner" might be more accurate.

Posted: 2011-03-10 @ 5:30pm PT
"When it first came out, it's security was rocky, but they've rapidly gotten better."

It should be ITS not IT'S.

Ed. note: Yes, fixed it, thanks!

Neustar, Inc. (NYSE: NSR) is a trusted, neutral provider of real-time information and analysis to the Internet, telecommunications, information services, financial services, retail, media and advertising sectors. Neustar applies its advanced, secure technologies in location, identification, and evaluation to help its customers promote and protect their businesses. More information is available at

 Linux/Open Source
1.   OpenSSL Calls for More Support
2.   Red Hat Unveils OpenShift Marketplace
3.   IBM Mainframes Celebrate 50 Years
4.   Eich Resignation Brings Controversy
5.   Teradata Intros QueryGrid Analytics

Tech 101: What Is Open Source?
Foundation of countless applications.
Average Rating:
IBM Mainframes Celebrate 50 Years
Unveils new cloud services for business.
Average Rating:
Eich Resignation Brings Controversy
Political correctness in Silicon Valley.
Average Rating:

Product Information and Resources for Technology You Can Use To Boost Your Business

Network Security Spotlight
IBM Offers Security, Disaster Recovery as SoftLayer Service
New disaster recovery and security services for SoftLayer clients are being added by IBM. Big Blue said the new capabilities will speed cloud adoption by alleviating concern over business continuity.
How To Beat the Heartbleed Bug
Heartbleed headlines continue as IT admins scramble for answers no one has. Early reports of stolen personal data, including 900 social insurance numbers in Canada, are starting to trickle in.
After Heartbleed, OpenSSL Calls for More Support
The president of the OpenSSL Foundation says more support is needed from companies and governments that use its software so that it can better spot and fix flawed pieces of code such as Heartbleed.

Enterprise Hardware Spotlight
Vaio Fit 11A Battery Danger Forces Recall by Sony
Using a Sony Vaio Fit 11A laptop? It's time to send it back to Sony. In fact, Sony is encouraging people to stop using the laptop after several reports of its Panasonic battery overheating.
Continued Drop in Global PC Shipments Slows
Worldwide shipments of PCs fell during the first three months of the year, but the global slump in PC demand may be easing, with a considerable slowdown from last year's drops.
Google Glass Finds a Home in Medical Education, Practice
Google Glass may find its first markets in verticals in which hands-free access to data is a boon. Medicine is among the most prominent of those, as seen in a number of Glass experiments under way.

Mobile Technology Spotlight
Amazon 3D Smartphone Pics Leaked
E-commerce giant Amazon is reportedly set to launch a smartphone after years of development. Photos of the phone, which may feature a unique 3D interface, were leaked by tech pub BGR.
Zebra Tech Buys Motorola Enterprise for $3.45B
Weeks after Lenovo bought Motorola Mobility’s assets from Google for $2.91 million, Zebra Technologies is throwing down $3.45 billion for Motorola’s Enterprise business in an all-cash deal.
CTIA Caves, Volunteers Kill Switch Plan
After bucking against the concept of a smartphone kill switch, the CTIA just announced the “Smartphone Anti-Theft Voluntary Commitment” to thwart smartphone thefts in the U.S.

NewsFactor Network
Home/Top News | Enterprise I.T. | Cloud Computing | Applications | Hardware | Mobile Tech | Big Data | Communications
World Wide Web | Network Security | Data Storage | Small Business | Microsoft/Windows | Apple/Mac | Linux/Open Source | Personal Tech
Press Releases
NewsFactor Network Enterprise I.T. Sites
NewsFactor Technology News | Enterprise Security Today | CRM Daily

NewsFactor Business and Innovation Sites
Sci-Tech Today | NewsFactor Business Report

NewsFactor Services
FreeNewsFeed | Free Newsletters | XML/RSS Feed

About NewsFactor Network | How To Contact Us | Article Reprints | Careers @ NewsFactor | Services for PR Pros | Top Tech Wire | How To Advertise

Privacy Policy | Terms of Service
© Copyright 2000-2014 NewsFactor Network. All rights reserved. Article rating technology by Blogowogo. Member of Accuserve Ad Network.