Google's Chrome untouched at Pwn2Own hack match
Google's $20,000 was as safe at Pwn2Own Wednesday as if it had been in the bank.
The search giant had promised to pay $20,000 to the first researcher who broke into Chrome on the hacking contest's opening day.
But no one took up Google’s offer.
“The first contestant was a no-show,” said Aaron Portnoy, manager of HP TippingPoint’s security research team, and Pwn2Own’s organizer. “And the other team wanted to work on their BlackBerry vulnerability. So it doesn’t look like anyone will try Chrome.”
Only two entries had pre-registered for Chrome: Moatz Khader and one or more researchers going as “Team Anon.” (Researchers may remain anonymous if they wish.) Based on a random drawing several weeks ago, Khader was to get first shot, with Team Anon second.
Team Anon is also slated to tackle RIM’s BlackBerry OS on Thursday.
Late Wednesday, TippingPoint provided a tentative schedule for Thursday’s Pwn2Own; that schedule doesn't show any planned Chrome exploit.
Even if someone unexpectedly stepped up to take a crack at Chrome and exploited the browser, Google would be on the hook for just $10,000. As part of the deal it struck with TippingPoint, the two will split the $20,000 payment for a successful hack on the second or third days of the contest.
If Chrome comes out unscathed, as it now appears it will, the browser will have survived three consecutive Pwn2Owns, a record.
On Wednesday, researchers successfully exploited Safari and Internet Explorer. A team from French security company Vupen took down Safari 5 running on a MacBook Air notebook in five seconds, and independent researcher Stephen Fewer used a trio of vulnerabilities to hack IE8 on Windows 7.
Portnoy was impressed with Fewer’s work. “The most impressive so far,” said Portnoy. “He used three vulnerabilities to [not only] bypass ASLR and DEP, but also escape Protected Mode. That’s something we've not seen at Pwn2Own before.”
ASLR, for address space layout randomization, and DEP, or data execution prevention, are a pair of technologies baked into Windows that are designed to make it more difficult for exploits to reliably execute. Protected Mode is IE’s “sandbox,” which isolates the browser—and thus any attack code that manages to infiltrate it—from escaping to do damage on the system as a whole.
Pwn2Own continues Thursday and Friday, when Mozilla’s Firefox and four smartphones running Apple’s iOS, Google’s Android, Microsoft’s Windows 7 Phone and RIM's BlackBerry OS will be in researchers’ crosshairs.
Google Chrome 10