Pwn2Own hacker contest targets browsers, smart phones

Summary:After two straight years of taking dead aim at Macbooks and Windows-powered machines, hackers at this year's CanSecWest conference will have shiny new targets:  Web browsers and mobile phones.According to CanSecWest organisers, there will be two separate Pwn2Own competitions this year -- one pitting hackers against IE8, Firefox 3 and Safari and another targeting Google Android, Apple iPhone, Nokia Symbian and Windows Mobile.

After two straight years of taking dead aim at Macbooks and Windows-powered machines, hackers at this year's CanSecWest conference will have shiny new targets:  Web browsers and mobile phones.

According to CanSecWest organisers, there will be two separate Pwn2Own competitions this year -- one pitting hackers against IE8, Firefox 3 and Safari and another targeting Google Android, Apple iPhone, Nokia Symbian and Windows Mobile.

[ SEE: 10 questions for MacBook hacker Dino Dai Zovi ]

On the browser side, the IE vs Firefox battle is sure to grab headlines although I'm not quite sure why Opera or Google's Chrome was not included in the target list.

The rules of engagement are not yet available but it's a safe bet that a successful attacker would have to exploit a zero-day vulnerability to gain full access to the target computer.

CanSecWest organizers plan to Sony VAIO P running Windows 7 as the platform for the contest.  The successful hacker gets to keep the machine.

[ SEE: Google Android vulnerable to drive-by browser exploit ]

The second contest -- against mobile phone platforms -- will be another closely watched affair.  Hackers have already successfully infiltrated the iPhone and Android platforms and there are known security problems in Symbian and Windows Mobile so we're likely to see a lot of attention paid to this contest.

In 2007, New York-based security researcher Dino Dai Zovi teamed up with Shane Macaulay to hijack a MacBook Pro via a flaw in Apple's QuickTime software.    A year later, hacker Charlie Miller needed just two minutes to exploit a Safari bug to win that contest.

Alex Sotirov also partnered with Macaulay in 2008 to exploit an Adobe Flash vulnerability on a Windows Vista box.  (Thanks to NonZealot for the correction).

* Image source: Channy Yun's Flickr photostream (Creative Commons 2.0)

Topics: Operating Systems, Apple, Browser, Hardware, Mobility, Security, Smartphones, Software, Windows

About

Ryan Naraine is a journalist and social media enthusiast specializing in Internet and computer security issues. He is currently security evangelist at Kaspersky Lab, an anti-malware company with operations around the globe. He is taking a leadership role in developing the company's online community initiative around secure content managem... Full Bio

zdnet_core.socialButton.googleLabel Contact Disclosure

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.