Hacker cracks Safari at Pwn2Own, wins $62,500

four monitorsEveryone’s software was cracked at Pwn2Own, which is a hacker’s conference, and this included Safari, which was taken down by Liang Chen, who took home $62,500 for the deed.

The conference was sponsored by Hewlett-Packard and saw $850,000 in prize money going out to hackers for cracking Safari,  Chrome, Internet Explorer, Firefox and Adobe Flash.

Chen is part of a duo hacker team called Keen Team, and despite cracking Safari, he still has a lot of respect for Apple’s OS.

“For Apple, the OS is regarded as very safe and has a very good security architecture,” Chen said. “Even if you have a vulnerability, it’s very difficult to exploit. Today we demonstrated that with some advanced technology, the system is still able to be pwned. But in general, the security in OS X is higher than other operating systems.”

Chen exploited Safari by employing a heap-overflow-and-sandbox-bypass combination which took a reported three months to get right. Team Keen also won $75,000 for an Adobe Flash exploit, making their total winnings $137,500.

[via Forbes, image via Martin Treber’s flickr]

Share this post

Comments

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>