• Home
  • About 404TS
  • Contact

404 Tech Support

Where IT Help is Found

  • Articles
    • Code
    • Entertainment
    • Going Green
    • Hardware, Gadgets, and Products
    • Management
    • Network
    • News
    • Operating Systems
    • Security and Privacy
    • Software
    • System Administration
    • Talking Points
    • Tech Solutions
    • Web
    • Webmaster
  • Reviews
  • Media
    • Infographics
    • Videos
  • Tech Events
  • Tools
    • How do I find my IP address?
    • Browser and plugin tests
  • Get a Technical Consultation
You are here: Home / Articles / News / The Zero Day Initiative Pwn2Own Contest Takes Place Later This Week

The Zero Day Initiative Pwn2Own Contest Takes Place Later This Week

2011-03-07

The Zero Day Initiative team is having the annual Pwn2Own contest later this week, March 9th, 10th, and 11th of 2011 in Vancouver. The contest always seems to be an interesting spectacle – seeing how fast certain systems are compromised, learning how companies respond to the vulnerability disclosures, and seeing patches come out up to the very last minute. The targets this year will be 4 popular web browsers and 4 mobile devices.

Here is the Cliff Notes version of the contest:

Browers

This year the web browser targets will be the latest release candidate (at the time of the contest) of the following products:

  • Microsoft Internet Explorer
  • Apple Safari
  • Mozilla Firefox
  • Google Chrome

Each browser will be installed on a 64-bit system running the latest version of either OS X or Windows 7.

A successful hack of IE, Safari, or Firefox will net the competitor a $15,000 USD cash prize, the laptop itself, and 20,000 ZDI reward points which immediately qualifies them for Silver standing. Benefits of ZDI Silver standing include a one-time $5,000 USD cash payment, 15% monetary bonus on all ZDI submissions in 2011, 25% reward point bonus on all ZDI submissions in 2011 and paid travel and registration to attend the DEFCON Conference in Las Vegas.

As for Chrome, the contest will be a two-part one. On day 1, Google will offer $20,000 USD and the CR-48 if a contestant can pop the browser and escape the sandbox using vulnerabilities purely present in Google-written code. If competitors are unsuccessful, on day 2 and 3 the ZDI will offer $10,000 USD for a sandbox escape in non-Google code and Google will offer $10,000 USD for the Chrome bug. Either way, plugins other than the built-in PDF support are out of scope.

Mobile Devices

The following are the target mobile devices for the contest:

  • Dell Venue Pro running Windows 7
  • iPhone 4 running iOS
  • Blackberry Torch 9800 running Blackberry 6 OS
  • Nexus S running Android

As mentioned previously, we’ve upped the ante this time around and the total cash pool allotted for prizes has risen to a whopping $125,000 USD. While HP TippingPoint is funding $105,000 of that, we’ve partnered with Google who has generously offered up $20,000 to the researcher who can best their Chrome browser.

Interestingly, an RF enclosure box will be used for the mobile targets as there seems to be the possibility that the Canadian version of the FCC could use that as a reason to stop the contest.

A successful compromise of any of these targets will win the contestant a cash prize of $15,000 USD, the device itself, and 20,000 ZDI reward points which immediately qualifies them for Silver standing. Benefits of ZDI Silver standing include a one-time $5,000 USD cash payment, 15% monetary bonus on all ZDI submissions in 2011, 25% reward point bonus on all ZDI submissions in 2011 and paid travel and registration to attend the DEFCON Conference in Las Vegas.

You can find out the full details and rules of the contest at http://dvlabs.tippingpoint.com/blog/2011/02/02/pwn2own-2011 where updates and winners will also be posted once the contest begins on Wednesday.

For real-time updates of the contest you can follow either @thezdi or @AaronPortnoy on Twitter or search for the hashtag #pwn2own.

For this information in a format that will be readable to a more general audience, check out this story from the Morning Marketplace Report.

Filed Under: News, Security and Privacy

Trending

  • Disclosing software vulnerabilities isn’t against the EULA?
    In Security and Privacy, Talking Points
  • Microsoft and Harman/Kardon tease an Amazon Echo/Google Home competitor
    In Hardware, Gadgets, and Products
  • Mozilla Gets Into Do Not Track Details; Released Field Guide
    In Security and Privacy, Software

Latest Media Posts

Multifunctional Video Conversion Tools – Wondershare Video Converter

Multifunctional Video Conversion Tools – Wondershare Video Converter

The WannaCry Post-Mortem

The WannaCry Post-Mortem

  • Popular
  • Latest
  • Today Week Month All
  • Microsoft Word: “This modification is not allowed because the selection is locked.” Microsoft Word: "This modification is not allowed because the selection is locked."
  • How to edit the message subject in Outlook 2016 How to edit the message subject in Outlook 2016
  • What is the AllJoyn Router Service on Windows 10? What is the AllJoyn Router Service on Windows 10?
  • Increase IIS Private Memory Limit to improve WSUS availability Increase IIS Private Memory Limit to improve WSUS availability
  • Scan-To-Email with Office 365 from a multifunction copier or printer Scan-To-Email with Office 365 from a multifunction copier or printer
  • 5 Factors To Look At When Choosing Web Hosting 5 Factors To Look At When Choosing Web Hosting
  • How managers can improve their team’s written communication skills How managers can improve their team’s written communication skills
  • Online Casino Technology – How Does It All Work? Online Casino Technology – How Does It All Work?
  • Virtual Assistant Devices Will Reshape Your Life in 2019 Virtual Assistant Devices Will Reshape Your Life in 2019
  • The 5 Most Common Problems with PC Gaming The 5 Most Common Problems with PC Gaming
Ajax spinner

Upcoming Tech Events

There are no upcoming events at this time.

Elevator Pitch

404 Tech Support documents solutions to IT problems, shares worthwhile software and websites, and reviews hardware, consumer electronics, and technology-related books.

Subscribe to 404TS articles by email.

Follow Us

  • Facebook
  • Google+
  • RSS
  • Twitter
  • YouTube

Recent Posts

  • 5 Factors To Look At When Choosing Web Hosting
  • How managers can improve their team’s written communication skills
  • Online Casino Technology – How Does It All Work?

Search

FTC Disclaimer

404TechSupport is an Amazon.com affiliate; when you click on an Amazon link from 404TS, the site gets a cut of the proceeds from whatever you buy. This site also uses Skimlinks for smart monetization of other affiliate links.
Use of this site requires displaying and viewing ads as they are presented.

Copyright © 2019 · 404TechSupport.com