X
Tech

Pwn2Own claims RIM, Microsoft, Apple

Entries from Microsoft, RIM and Apple have all bitten the dust at this year's renowned Pwn2Own hacker-fest at CanSecWest in Canada.
Written by Darren Pauli, Contributor

Entries from Microsoft, RIM and Apple have all bitten the dust at this year's renowned Pwn2Own hacker-fest at CanSecWest in Canada.

Pawn image

(Pawn bokeh image by Alan Cleaver, CC2.0)

Today, RIM paid the price for adding a WebKit browser to its BlackBerry phones, as Ralf Philipp Weinmann, Vincenzo Iozzo and Willem Pinckaers launched a successful drive-by download attack on the BlackBerry Torch 9800 following a run of trial-and-error attempts.

The hack, which won them the BlackBerry portion of the competition, might just see RIM introduce the absent Data Execution Prevention and Address Space Layout Randomisation into the phones. Iozzo and Pinckaers also won a US$15,000 prize last year for hacking into an iPhone.

Notorious Apple exploiter Charlie Miller this year hacked into an iPhone 4 and stole its contacts by exploiting a Mobile Safari flaw. Miller took home US$10,000 for hacking into a fully patched MacBook at Pwn2Own 2009.

Microsoft's Internet Explorer and Apple's Safari also fell to some impressive hacks. Safari was owned on a fully patched 64-bit Mac OS X, while Windows fell on a 64-bit Windows 7 box running Service Pack 1.

Google's Chrome and Mozilla's Firefox prevailed, which means Google got to keep the US$20,000 prize it had offered to anyone who broke its browser's sandbox to compromise a Windows 7 machine.

Mozilla, Google and Apple had all pushed out some serious updates days before the event.

Security reporter Ryan Naradine from ZDNet Australia's United Sates sister site is reporting from the conference.

ZDNet Pwn2Own coverage:

Editorial standards