Those looking for a piece of the action have to register for this year’s installment of Pwnium by March 10. The battle begins just two days later when CanSecWest 2014 kicks off in Vancouver.
Individual exploits will earn an attacker up to $150,000. It’s no mean feat, however. The attack has to be able to persist on a Chromebook — which can self-heal while rebooting — and the malicious code has to be delivered by a web page. That means no infected USB drives. Only browser-based drive-by attacks will be rewarded.
Successful attacks that don’t survive the reboot will still be handsomely rewarded. Google will still pay $110,000 for a successful non-persistent hack.
Google has really upped the ante for this year’s Pwnium competition. Last year, there was one successful attack. It was pulled off by a hacker named PinkePie and he took home $40,000. That’s a nice payout, to be sure, but peanuts compared to this year’s prizes. As if the thought of winning $150,000 isn’t enough to get security pros’ motivated, remembering that PinkiePie successfully compromised Chrome OS will help, too.
Participants have their choice of targets this year. In previous Pwniums, the only targets available were Intel-based Chromebooks. This time around both HP’s ARM-based Chromebook 11 and the Acer C720 will be placed in harm’s way.
If you’re wondering if there’s an Easter Egg with the Chrome OS bounty, there is. Just as Google has paid out $1,337 for Chrome exploits the total pot for Pwnium adds up to e.
No comments:
Post a Comment