Google offers over $3M for breaking Chrome OS
Posted on 29 January 2013.
With $3.14159 prize pool and a completely new target, Google's Pwnium contest has become an even greater challenge for security researchers out to make a buck from their knowledge and efforts.

The third iteration of the hacking contest is to be held during the CanSecWest security conference taking place March 6-8 in Vancouver, BC.

As one of the targets of HPís ZDI Pwn2Own contest is Google's Chrome browser, the company has decided to make its relatively new Chrome OS the main focus of Pwnium.

Successful competitors cam look forward to $110,000 prizes for a browser or system level compromise in guest mode or as a logged-in user, delivered via a web page, or $150,000 for a compromise with device persistence - guest to guest with interim reboot, delivered via a web page.

"The attack must be demonstrated against a base (WiFi) model of the Samsung Series 5 550 Chromebook, running the latest stable version of Chrome OS. Any installed software (including the kernel and drivers, etc.) may be used to attempt the attack," shared Google security researcher Chris Evans.

Researchers are required to deliver the full exploit plus accompanying explanation and breakdown of individual bugs used. For partial, incomplete or unreliable exploits they will be awarded only partial rewards.

"We believe these larger rewards reflect the additional challenge involved with tackling the security defenses of Chrome OS, compared to traditional operating systems," added Evans.


Harnessing artificial intelligence to build an army of virtual analysts

PatternEx, a startup that gathered a team of AI researcher from MIT CSAIL as well as security and distributed systems experts, is poised to shake up things in the user and entity behavior analytics market.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Mon, Feb 8th