Pwnium: Google premia gli hacker

Un premio fino a 1 milione di dollari per gli hacker che troveranno falle nel browser Google Chrome.

Una competizione per trovare errori e varchi nel browser Google Chrome. Una gara rivolta ai talenti della programmazione informatica,altrimenti detti "hacker". Un modo per mettere alla prova le sue difese.

La competizione si svolgerà nell'ambito della conferenza sulla sicurezza CanSecWest 2012, a Vancouver.

_____________________

The aim of our sponsorship is simple: we have a big learning opportunity when we receive full end-to-end exploits. Not only can we fix the bugs, but by studying the vulnerability and exploit techniques we can enhance our mitigations, automated testing, and sandboxing. This enables us to better protect our users.

I premi messi in palio da Google sono articolati in pacchetti da 60.000, 40.000 e 20.000 dollari, a seconda della difficoltà di hackeraggio e gravità delle falle trovate.

• $60.000 - “Full Chrome exploit”: Chrome / Win7 local OS user account persistence using only bugs in Chrome itself;
• $40.000 - “Partial Chrome exploit”: Chrome / Win7 local OS user account persistence using at least one bug in Chrome itself, plus other bugs. For example, a WebKit bug combined with a Windows sandbox bug;
• $20.000 - “Consolation reward, Flash / Windows / other”: Chrome / Win7 local OS user account persistence that does not use bugs in Chrome. For example, bugs in one or more of Flash, Windows or a driver. These exploits are not specific to Chrome and will be a threat to users of any web browser. Although not specifically Chrome’s issue, we’ve decided to offer consolation prizes because these findings still help us toward our mission of making the entire web safer.

All winners will also receive a Chromebook.

La competizione avrà luogo nell'ambito della conferenza sulla sicurezza CanSecWest 2012.

________________

The 12th annual CanSecWest conference will be held March 7-9 2012 at the Sheraton Wall Centre hotel in downtown Vancouver, British Columbia.

CanSecWest, the world's most advanced conference focusing on applied digital security, is about bringing the industry luminaries together in a relaxed environment which promotes collaboration and social networking. The conference lasts for three days and features a single track of thought provoking presentations, each prepared by an experienced professional and talented educator who is at the cutting edge of his or her field. We give preference to new and innovative material, highlighting important, emergent technologies, techniques, or best industry practices.

Per maggiori informazioni consultare i Links.