Windows 7: IE and Safari out at Pwn2Own on day 1

I really wish they would have tested IE9...but not being released yet means they won't...because pre-release versions of something are just that, unfinished and not ready for prime-time.

Making sport of browser security, hackers topple IE, Safari • The Register


Google's Chrome untouched at Pwn2Own hack match - Computerworld

Firefox testing was expected to commence today.

I knew there was a good reason why I was using Chrome

Apple need to up their security a lot more, that result is really really poor, IE8 well who's surprised about that one, not me that's for sure.

Hopefully Firefox's security can hold out.

Do you guys know if they test Opera? I would be really curious to see the results for that one. I don't like the idea that they are just going after FF 3.6, and IE8, instead of the 4 and 9 respectively... Nonetheless, the results should be interesting.

Because they are aren't released yet, pointless testing development software, wouldn't really be fair plus their usage won't be as wide spread as the stable versions.

That is quite true, good point. Well, I'll have to wait to see next year. I just looked up the results for the fall of IE8, they bypassed ASLR, DEP, and the protected mode. Pwn2own said that they never saw that before... And like you said, Apple seriously needs to step up their game. I have read multiple articles that Apple's security is definitely lacking...

They can't be trying very hard on Opera given the number of vulnerabilities found in it over the last year :/

http://secunia.com/advisories/search/?search=opera

One always has to queestion the motivations of the participants. EVERYONE wants to bag on IE, but what street cred to you get from poking holes in everyones hero Opera?

I honestly don't expect the situation with IE to improve much by next year. Honestly, they were supposed to be better with IE6 (and weren't), IE7 (and weren't), IE8 (well, we all now how secure that has been), and now here comes IE8.


Apple doesn't have enough customers for it to really matter.

That is a very poor accessment of Opera. If you take the time to check, all of those vulnerabilities have been fixed in the current version. What does make a browse insecure, such as IE has always been in the past, is that a known vulnerability is not fixed, or worse that some are never published so that the users are unaware of them.

Opera has ALWAYS been the most secure browser available. That does not mean that it is perfect, nor that faults will never be found, it means that once a vulnerability is known, Opera fixes it VERY rapidly.

I think many of the contestants in Pwn2Own use Opera for their browser. I wonder which one is more secure, Chrome or Opera? I personally like Opera a bit more because of its fantastic Software acceleration and more personal options to choose from.

Well yes, of course they are all fixed, but given that they are being found at a steady rate, it's pretty safe to assume that it still has some, in fact probably a lot. Until the discoveries slow down to one or two a year, the software is guaranteed to contain plenty more waiting to be discovered.

Sentences like this "Google's Chrome browser was also up for grabs, but no one stepped forward to try hacking it." speaks voolumes about the fairness of it all.

Given that Safari and Chrome are based on the same base layout engine, it's entirely likely to suffer a lot of the same flaws. Why aren't people going after it? If Google makes it through because no one dared to suffer community retribution for even trying, does it get to claim it survived too?

So again, if Opera makes it through unscathed it's far more likely it's because no one bothered to try very hard... The people that do the hacking as well as the contests are so religeously polarized you can't judge much at all by the outcomes, and that's really a shame