Dailydave mailing list archives
Pwn2Own 2009 thoughts
From: Charles Miller <cmiller () securityevaluators com>
Date: Mon, 2 Mar 2009 16:52:10 -0600
Pwn2Own is just over 2 weeks away. Its the only time of year I actually bother to look for bugs without a client paying my boss or in preparation for a talk. Its also the time of year I dig in my bag of 0-days for goodies to give out. Join me this year! In the past, it was to researcher's advantage to make sure no one else competed since only one person could win at each target. This year, there can be multiple winners for each (only the first pwner gets the hardware). Also, if more than 5 people win, an extra $15k gets put up for grabs. That means I hope lots of people win! I want my bonus bucks :) Here are my predictions for this year. It'd be cool if there was a Vegas line on this stuff! Safari: hacked by 4 different people. Easy pickin's as usual. Android: hacked by 1 person. Not too tough but no one owns one. IE8, Firefox: Survive unscathed. The bugs to exploit equation is too hard for 5k. iPhone, Symbian: Survive due to non-executable heap. Blackberry, Windows Mobile, Chrome: I don't know enough to say anything intelligent. That said, they're probably hard/obscure and so survive. Charlie More info: http://dvlabs.tippingpoint.com/blog/2009/02/25/pwn2own-2009 _______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com http://lists.immunitysec.com/mailman/listinfo/dailydave
Current thread:
- Pwn2Own 2009 thoughts Charles Miller (Mar 02)