Pwn2Own loses HP as its sponsor amid new cyberweapon restrictions

[InfoSec News <alerts () infosecnews org>]

http://arstechnica.com/tech-policy/2015/09/pwn2own-loses-hp-as-its-sponsor-amid-new-cyberweapon-restrictions/

By Dan Goodin
Ars Technica
Sep 3, 2015

The next scheduled Pwn2Own hacking competition has lost Hewlett-Packard as 
its longstanding sponsor amid legal concerns that the company could run 
afoul of recent changes to an international treaty that governs software 
exploits.

Dragos Ruiu, organizer of both Pwn2Own and the PacSec West security 
conference in Japan, said HP lawyers spent more than $1 million 
researching the recent changes to the so-called Wassenaar Arrangement. He 
said they ultimately concluded that the legal uncertainty and compliance 
hurdles were too high for them to move forward.

"I am left being kind of grumpy now that HP is not involved," Ruiu told 
Ars. He said that he plans to organize a scaled-down hacking competition 
to fill the void at this year's conference, which is scheduled for 
November 11 and 12.

Pwn2Own has become one of the more closely followed events among security 
professionals. The hacking competition offers hundreds of thousands of 
dollars for exploits that target software vulnerabilities found in 
Windows, OS X, iOS, and Android. Besides highlighting the relative ease of 
exploiting bugs, the contest allows HP's Tipping Point division to update 
its intrusion prevention software with definitions that detect and block 
such attacks.

[...]



--
Evident.io - Continuous Cloud Security for AWS.
Identify and mitigate risks in 5 minutes or less.
Sign up for a free trial @ https://evident.io/