The recent CanSecWest Pwn2Own contest saw successful hacking attacks against Microsoft Internet Explorer 8, Mozilla Firefox and Apple's Safari and iPhone products. Now that the dust has settled and the vendors are starting to patch the vulnerabilities, Threatpost editor Ryan Naraine takes a look at the real-world implications of the contest and the lessons learned.
Comments
The fuzzing picture is broken
And it's the only one thats informative too.... :-(
I still wonder what about my
10 Lessons ???
Excellent read! The next Black Hat Contest should include the top five hackers from every country in the world, and...pay them what they want. We need them for our own future. I do agree, with the idea they should hold back the best info, and yes they should be paid for what they know. Congratulations to everyone that participated, wish I could have just been there to listen !!!
ASLR/DEP Protection
http://www.coresecurity.com/content/virtual-pc-2007-hypervisor-memory-protection-bug
Virtual PC Hypervisor Memory Protection Vulnerability
Well written
Good article.
million
Show me the money. I just read about an Opera exploit somewhere recently. For a million, I'll be happy to dig that article up
I'm glad that IE8 had a strong showing here, especially since no one wanted to trust the independent review back in 09 since it was paid for by MS. Remember folks, Obscurity is not Security.
Unfortunately,
That goes against the nature of the beast. We never hear from the best of the best.
Post new comment