January 29, 2013
Google Offers Pi In Chrome OS Hacking Contest
Michael Harper for redOrbit.com — Your Universe OnlinePwnium” hacking competition in Vancouver, B.C. in March. Here, hackers will be asked to locate and demonstrate any critical security vulnerabilities in their software.
Armed with a Samsung Series 5 550 Chromebook, those hackers who are able to demonstrate a security flaw by taking over a user´s browser or even their entire machine via a malicious web page will earn themselves a cool $110,000 cash. Should a hacker demonstrate the ability to not only take control of a Chromebook, but command persistent control over the machine regardless of how many times a user reboots, they´ll be given a tidy $150,000. All told, Google is ready to give out a very Googley sum of money: $3.14159 million in cash prizes.
It´s almost enough to make you want to start brushing up on your hacking skills. Those without their own Chromebook, by the way, will be given access into a virtual machine to discover any weaknesses.
“Security is one of the core tenets of Chrome, but no software is perfect, and security bugs slip through even the best development and review processes. That´s why we´ve continued to engage with the security research community to help us find and fix vulnerabilities,” reads a Monday entry on the Chromium blog.
This year, Google has teamed up with HP´s “Pwn2Own” competition, where hackers will be asked to locate zero day exploits in today´s popular browsers, including Google´s Chrome and Apple´s Safari. Both the “Pwn2Own” and “Pwnium 3” competitions will take place in Vancouver from March 6 through the 8th.
Google´s curious pi-sized reward is simply Google being Google, reminding us all once more that they know things.
The sheer amount ($3.14159 million) of it all, however, is dramatically larger than any bounty they´ve placed on their software before. In the previous two “Pwnium” competitions, Google has only offered one and two million dollar prizes. Even then, the search giant and software maker only paid out a few hundred thousand of this reward to those hackers who were able to step up to the plate.
This year, Google´s $150,000 reward for being able to have persistent control of a machine is $90,000 more than they´ve paid in the past. In other words, it would appear as if Google is serious about finding security threats in their software.
This is also the first year where Google is focused on the OS form of Chrome rather than the browser. In previous years they have asked hackers to attack the Chrome browser. However this year they are being enticed by their HP partnership to ask hackers to focus mainly on the Chrome OS.
Though Chrome OS has been hailed as a relatively safe browser with a strong defense against hackers, it´s yet to be as widely adopted as their Chrome browser. While a good idea on paper, the fact that Chrome OS leans so heavily on an Internet connection has been seen as a little too forward thinking. Though we are quickly heading to a future of always-connected devices, there aren´t many who are comfortable to live completely in the cloud.