Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.

Windows 7: Browser exploits.

19 Mar 2010   #1

Win 7 Ultimate 64-bit. SP1.
Browser exploits.

TippingPoint offers hackers $100,000 for browser and phone exploits.

Security company 3Com TippingPoint has jacked up to $100,000 the prize money on offer to anyone able to hack a range of browsers and mobile devices at the forthcoming CanSecWest security conference.

Running for the fourth year at the event, $40,000 of the Pwn2Own contest pot will be on offer to entrants that successfully exploit security vulnerabilities to compromise the top four browsers, Internet Explorer, Mozilla Firefox, Google Chrome, and Safari, equivalent to $10,000 per browser

To win the money outright, the attacks on IE, Firefox, and Chrome must work while running on a fully-patched Windows 7, while Safari will be attacked running on OS X Snow Leopard. Brownie points will be gained if the same flaw works on Vista and XP, although the assumption would be that this would be highly likely anyway.

To make the contest tougher, attackers can't use third-party plug-ins such as Adobe Flash on day one of the event. These are often a soft underbelly, so excluding them raises the bar.
Source -
TippingPoint offers hackers $100,000 for browser and phone exploits | Security Central - InfoWorld

My System SpecsSystem Spec
19 Mar 2010   #2

Windows 7 x64 HP, Windows 7 HP, Windows 7 Ult

I'm not sure if I applaud this effort or not. While it is a Good Thing to find flaws in the various browsers, I'm concerned by the part in the article that says:

...the contest is really a clever way of marketing TippingPoint's controversial Zero-Day Initiative (ZDI) scheme, under which researchers are paid to find exploits which are then added to the intrusion detection engines from which the company makes much of its living.

At the time of its launch in 2005, the ZDI was criticised by rival vendors and some independent voices as tantamount to encouraging people to sell exploits uncovered to the highest bidder, in this case, 3Com's TippingPoint division.TippingPoint points out that all exploits discovered through the Pwn2Own contest will be disclosed to the vendors concerned as well as being added to its own database.
What is the delay in telling vendors of the flaws? How fair is this to them?

<sigh> I guess we'll just have to live with it.
My System SpecsSystem Spec

 Browser exploits.

Thread Tools

Similar help and support threads
Thread Forum
Will Certain Updates open me up to Exploits?
I am just wondering... You can call me a noob if you want =) My way of thinking is that the least amount of software that you do not use is installed.... that more protected it will be. For instance... I do not use Silverlight whatsoever. Nor do i use Microsoft Security Essentials. Are there...
Windows Updates & Activation
Researchers up ante, create exploits for IE7, IE8
VULNERABILITIES Researchers have created attack code that exploits a zero-day vulnerability in Internet Explorer 7 (IE7) as well as in the newest IE8 -- even when Microsoft's recommended defensive measure is turned on. … On Sunday, Dino Dai Zovi, a security vulnerability researcher…, crafted...
System Security
With Exploits on the Way, It's Critical Win 7 Testers R
More at: DailyTech - With Exploits on the Way, It's Critical Win 7 Testers Run Tool to Safeguard Their PCs

Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd

All times are GMT -5. The time now is 02:10.
Twitter Facebook Google+