Posts Tagged ‘pwn2own’

The third annual Pwn2Own security competition that was held at the CanSecWest conference in Vancouver, Canada has come to an end on 20th March 2009, i.e. Friday and revealed the weaknesses and loopholes of all the popular web browsers. This competition was intended to offer the white hat hackers a chance to crack the codes of popular web browsers including Mozilla Firefox, Internet Explorer and Apple Safari and the codes of popular smartphone operating systems.

The results are quite amazing, something that wasn’t expected. The Google Chrome and all the smartphones remained un-cracked but the Apple Safari, Internet Explorer and Mozilla Firefox were easily hacked multiple times. Apple Safari was hacked by Charlie Miller in just a couple of seconds. This was followed by a 25 year old computer science student named Nils who demonstrated the vulnerabilities of Safari, Internet Explorer 8 and Firefox.

The contestants also tried their tricks on Google Chrome browser and BlackBerry, Android, iPhone, Symbian and Windows Mobile smartphones but failed to break into the codes of these applications. According to the TippingPoint Technologies, the sponsor of the event, the Apple iPhone 3G could be hacked using one of the Safari exploits that was already used but according to the contest rules the same bug cannot be used twice.

The results clearly reveal that the smartphone OSes are far more secure than web browsers, except Google Chrome. This definitely brings the Chrome on the top of other web browsers and is expected to outshine its rivalries in near future in terms of market share, popularity and reliability.

The Pwn2Own hacking competition is going to prove bad for Apple Safari web browser because the experts believe that this browser has got maximum number of security loopholes. The Safari browser is likely to be hacked multiple times at the contest. This is because it’s a user friendly web browser and supports lots of formats and applications. So, the chances of bugs also increase.

Charlie Miller, the white-hat hacker who successfully cracked an Apple MacBook Air at the last year’s Pwn2Own competition believes that this time the Safari browser will be hacked by at least four hackers. The browser’s security features are so weak that anyone can easily remotely install malware on the handhelds running Safari. Therefore, Miller says that the safari will be the first to fall and he also says that the Microsoft Internet Explorer and Mozilla Firefox will throw a real challenge in front of the contestants. Apart from Safari, Google Chrome is also supposed to be an easy target for hackers.

Miller said, “It’s (Safari) an easy target. Apple’s products are really friendly to users, and Safari is designed to handle anything, including all kinds of file formats. With a lot of functionality comes the increased chance of bugs. The more complex software is, the less secure it is.”