Hackers offered Big Payout to Poison Web Browsers
Elite hackers and ethical computer security enthusiasts are preparing themselves for the Pwn2Own competition, which challenges participants to break through security of popular software programs (such as web browsers).
Once software is breached, it is referred to as an "exploit", in which hackers are then able to gain access to other areas of the computer's operating system without restrictions. It's these types of attacks which occur on web sites frequently, where visitors become instantly infected just by visiting a malicious website containing an unknown exploit (also referred to as a "zero day" attack).
Normally, anyone who successfully pulls off an attack at the Pwn2Own contest -- which must be carried out on the latest official release of the browser on a machine running a fully patched version of either Windows 7 or Mac OS X -- wins a $15,000 prize from the organizers.
Google Offers $20,000 Prize for Exploiting Chrome
This year, there's a special prize for breaching the Chrome browser. On the first day of the event, contestants can only exploit vulnerabilities that involve 100 per cent Google programming code, rather than third-party adaptations. If they do so, they'll get a $20,000 prize that's paid for entirely by Google.
On the remaining two days, Chrome is under the same rules as other browsers, meaning any successful attack method is valid. A winner here will still get the higher $20,000 prize, but only half of this will be funded by Google. (Source: tippingpoint.com)
Sandboxing: An Effective Deterrent
It will be intriguing to see how many hackers are tempted by the extra $5,000 offer.
In the past, some of the people who've successfully attacked browsers such as Internet Explorer have said it's simply not worth the effort attacking Chrome because of its unique sandbox design.
In computing terms, a "sandbox" is a space in memory which is set aside and completely separate of the operating system. Sandboxing is effective in preventing rogue programs access to any other part of the browser or operating system so that it cannot be exploited. (Source: eweek.com)
Prize Money Meant to Keep Hackers Quiet
Under the rules of the contest, if anyone pulls off a successful attack they must hand over the details of the method: the prize money is considered payment for the intellectual property rights. The organizers then inform the browser manufacturer and do not publish them until a fix is available.
Pwn2Own takes place in Vancouver, Canada next month at the CanSecWest conference. Contestants can opt to attack Chrome, Firefox, Internet Explorer or Safari. They'll get a maximum of half an hour to carry out the attack. Hackers can also opt to target mobile devices running Apple's iOS, the Blackberry system, Google's Android and Microsoft's Windows Phone 7.
Free guide: Windows 8 Cheat Sheet: Touch and Mouse Gestures. Windows 8 brings a revolutionary way to use your mouse, touchpad, and touchscreen using 'gestures'. If you're new to gestures, you'll most certainly find them confusing - especially if you don't mean to invoke a gesture in the first place! That said, gestures are widely used on mobile and touch-based devices, and the technology is here to stay. Gestures can be a huge time-saver (similar to keyboard shortcuts) once you understand how to use them. For example, you can use gestures to move objects from one location to the next, zoom in, zoom out, enter passwords, and similar. This Windows 8 gesture cheat sheet is designed to make your life easier by demonstrating and explaining the basics. Print, share, and enjoy! Click here to download this guide now! Note: this guide is free, but registration is required; after that, you can select more ebooks and videos for download without registering again. If you have questions / problems with the registration form, please read this.