Chrome OS thwarts attack attempts in Pwnium challenge

March 11, 2013 by Nancy Owano report
Chrome OS screen

(Phys.org) —Hackers at a please-hack-me contest at the CanWest security conference in Vancouver, BC, went home empty-handed. The contest during the Vancouver three-day conference on digital security ended up with enlightened participants capable of attempts nonetheless missing out on a massive pile of cash—the bounty was $3.14159 million—the reward for their efforts if successful. They were unable to break into Google's Chrome OS. This Pwnium 3 contest invited hackers to penetrate any holes they could find in the Chrome operating system.

Pwnium is a competition to challenge the brightest minds in security to find browser vulnerabilities and attack them. They missed victory at this year's Pwnium competition, focused on 's Chrome OS. As their target machine, they were given the Samsung Series 5 550 Chromebook, running the latest version of Chrome. The researchers were allowed to use any software available on the system including and drivers to carry out attacks. The strings attached to the reward were that winners would have been expected to list, for Google, the vulnerabilities used in the attack, as well as any code used.

Although there were no clear winners, Google said some attempts were impressive enough to merit attention. "We did not receive any winning entries but we are evaluating some work that may qualify as partial exploits."

Money paid or not, Google wins. A spokesperson said that events like this keep Chrome users safe, and also said that Google appreciated the efforts of researchers who help Google out in this safety effort.

In a March 7 Google+ post, Google added, "Pwnium competitions continue to inspire us as some of the brightest minds in security show off their creativity & engineering skills. We can't wait to see who will take home a piece of the $3.14 million 'pi', and help us enhance security for Chrome and the Internet overall."

In a subsequent update, when it became clear there was no winner, the Google announcement said, "We are evaluating some work that may qualify as partial exploits… see you next time!"

Explore further: Google's Chrome computing system to debut in autumn

More information: plus.google.com/+chrome/posts/TRotibBewk9

Related Stories

Will Google resurrect the smartbook?

November 3, 2010

(PhysOrg.com) -- The idea of a smartbook has been tantalizing, but first generation attempts have fallen prey to their own immaturity. Now, though, there is a chance that Google could resurrect the smartbook with the Chrome ...

Bringing Chrome to Android more than wishful thinking

October 5, 2011

(PhysOrg.com) -- The first version of Chrome for Android should be just around the corner, according to ConceivablyTech. “Google is heading toward the finish line for the first release of Chrome for Android,” said ...

Recommended for you

Sydney makes its mark with electronic paper traffic signs

July 28, 2015

Visionect, which is in the business of helping companies build electronic paper display products, announced that Sydney has launched e-paper traffic signs. The traffic signage integrates displays from US manufacturer E Ink ...

3 comments

Adjust slider to filter visible comments by rank

Display comments: newest first

frajo
1.7 / 5 (6) Mar 11, 2013
Contests like this are unthinkable in the world of windows.
cknapp26
5 / 5 (3) Mar 11, 2013
Actually frajo, they run a variation of this contest where they test the 3 major OS's: Linux, Mac, Windows. For the last couple years Windows was second to fall, usually on the second day, whereas Mac was decimated in the first day. Windows isn't as bad as you might think, especially given how complex it is.
wictor
not rated yet Mar 11, 2013
it's not my intention to bash windows, but being complex is not an excuse for security weaknesses, on the contrary: complex == difficult to ensure correctness which implies complex == bad

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.