Google offers over $3M for breaking Chrome OS
Posted on 29 January 2013.
With $3.14159 prize pool and a completely new target, Google's Pwnium contest has become an even greater challenge for security researchers out to make a buck from their knowledge and efforts.

The third iteration of the hacking contest is to be held during the CanSecWest security conference taking place March 6-8 in Vancouver, BC.

As one of the targets of HPs ZDI Pwn2Own contest is Google's Chrome browser, the company has decided to make its relatively new Chrome OS the main focus of Pwnium.

Successful competitors cam look forward to $110,000 prizes for a browser or system level compromise in guest mode or as a logged-in user, delivered via a web page, or $150,000 for a compromise with device persistence - guest to guest with interim reboot, delivered via a web page.

"The attack must be demonstrated against a base (WiFi) model of the Samsung Series 5 550 Chromebook, running the latest stable version of Chrome OS. Any installed software (including the kernel and drivers, etc.) may be used to attempt the attack," shared Google security researcher Chris Evans.

Researchers are required to deliver the full exploit plus accompanying explanation and breakdown of individual bugs used. For partial, incomplete or unreliable exploits they will be awarded only partial rewards.

"We believe these larger rewards reflect the additional challenge involved with tackling the security defenses of Chrome OS, compared to traditional operating systems," added Evans.


eBook: Cybersecurity for Dummies

Posted on 16 December 2014.  |  APTs have changed the world of enterprise security and how networks and organizations are attacked. These threats, and the cybercriminals behind them, are experts at remaining hidden from traditional security while exhibiting an intelligence, resiliency, and patience that has never been seen before.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Fri, Dec 19th