PWN2OWN Hacker Contest Targets Smartphones

Mar 26, 2009 by John Messina weblog
Apple's iPhone 3G

(PhysOrg.com) -- TippingPoint, a security response team at 3Com Inc, had offered $10,000 for each exploit of any smartphones, which included Apple Inc.'s iPhone and RIM's BlackBerry, as well as phones running the Windows Mobile, Symbian and Android operating systems.

None of the smartphones that were slated for the attack were compromised. With mobile devices limited on memory and processing power, many () main techniques are not able to work.

also identified unexpected complications with the possible combinations of handsets, operating systems and carriers introduced into the exploit equation. A spokes person at TippingPoint went on to say; "we didn't realize how complicated it was." In some cases TippingPoint wasn't able to determine the exact phone or operating system's version early enough to give researchers the lead time they needed to work up an exploit of a they might have already uncovered.

In next years Hackers Contest, TippingPoint plans to work out the details ahead of time so that it can publish the rules and specifications of the smartphones in plenty of time for researchers to prepare.

An Apple could have been hacked if a researcher had wanted to part with the vulnerability. A TippingPoint spokes person commented, "there was an exploit at the show that could have broken the iPhone, but the researcher said that the $10,000 wasn't enough to part with that level of vulnerability."

Some researchers just want to hold on to the bugs they have uncovered, even when offered $10,000 in cash. They have pride in their own little vulnerability they worked so hard on. But up

© 2009 PhysOrg.com

Explore further: Microsoft skips Windows 9 to emphasize advances

add to favorites email to friend print save as pdf

Related Stories

Research on browser weaknesses triggers attacks

Jul 30, 2008

IBM's X-Force says cyber-criminals are using public research on Web browser weaknesses to launch attacks before most users are even aware of their vulnerability. The mid-year report from the security group indicates that ...

Microsoft Investigates IE 7 Vulnerability

Mar 16, 2007

The vulnerability leaves users open to potential phishing attacks. Microsoft is investigating a new flaw uncovered in Internet Explorer 7 that opens users up to phishing attacks.

Recommended for you

Microsoft skips Windows 9 to emphasize advances

36 minutes ago

The next version of Microsoft's flagship operating system will be called Windows 10, as the company skips version 9 to emphasize advances it is making toward a world centered on mobile devices and Internet ...

Microsoft to offer early look at next Windows

Sep 29, 2014

Microsoft plans to offer a glimpse of its vision for Windows this week, as its new CEO seeks to redefine the company and recover from missteps with its flagship operating system.

User comments : 1

Adjust slider to filter visible comments by rank

Display comments: newest first

RayCherry
not rated yet Mar 26, 2009
using a number of 'smart phones' as a single internet access point paid for by unsuspecting strangers will certainly yield $10,000 in a few months. selling that solution to just ten customers could yield ten times as much - plus all the personal information gathered as a bonus. I hope that Apple has tracked the path used by that 'researcher' to provide a fix for the iPhone vulnerability urgently