Pwn2Own Hacking Competition Returns in March, Up to $130,000 in Prizes Available for Safari Vulnerabilities

MacRumors

macrumors bot
Original poster
Apr 12, 2001
46,796
8,961



Trend Micro today announced that its annual Pwn2Own hacking competition will be held March 18-20 in Vancouver, Canada.


Pwn2Own, part of the CanSecWest conference, tasks security researchers with uncovering vulnerabilities in operating systems, web browsers, and more, ranging from macOS and Windows to Safari and Chrome.

This year, two prizes will be available for Safari on macOS, including $60,000 for a sandbox escape and $70,000 for a kernel-level escalation of privileges.

There is also up to a $500,000 prize for Tesla Model 3 vulnerabilities.

Last year at Pwn2Own, at least two zero-day security vulnerabilities were discovered in Safari on macOS. All exploits achieved during the contest are reported to the necessary companies like Apple so that they can be patched.

Article Link: Pwn2Own Hacking Competition Returns in March, Up to $130,000 in Prizes Available for Safari Vulnerabilities
 

JosephAW

macrumors 68030
May 14, 2012
2,547
2,787
I'm unable to attend, can I just telecommute or summon the car to my location?
 

Doctor Q

Administrator
Staff member
Sep 19, 2002
37,407
3,512
Los Angeles
OS and web browser vulnerabilities are bad enough, but hacked car software could lead to a more serious type of crash. Adding to the concern, auto manufacturers have much less experience in the software business.
 
  • Like
Reactions: biggest father1

Sasparilla

macrumors 65816
Jul 6, 2012
1,359
2,077
Nice to see. Any outing of security bugs is a good thing - so they can be patched. That said I have no idea if Safari is at the same security level as say Chrome or Firefox when it comes to external attacks.
 

brinary001

macrumors 6502a
Sep 4, 2012
861
925
Midwest, USA
OS and web browser vulnerabilities are bad enough, but hacked car software could lead to a more serious type of crash. Adding to the concern, auto manufacturers have much less experience in the software business.
This is a good point, however I would think Tesla to be one of if not the best at it since they’re a Silicon Valley-based company.
- - Post merged: - -

Nice to see. Any outing of security bugs is a good thing - so they can be patched. That said I have no idea if Safari is at the same security level as say Chrome or Firefox when it comes to external attacks.
Really? I feel like Safari would actually be better
 

brinary001

macrumors 6502a
Sep 4, 2012
861
925
Midwest, USA
Not really. They all fall pretty much every year like clockwork. It's a never ending game of find and fix, find and fix.
Yeah and also I guess Apple can only lock down its own systems so much. Like there's only so much they can do to protect themselves from the swarm of threats lurking out on the web that Safari will inevitably encounter.