Slashdot is powered by your submissions, so send in your scoop

 


Forgot your password?
Close
typodupeerror
×
Chrome Google Security Upgrades News

In Under 10 Hours, Google Patches Chrome To Plug Hole Found At Its Pwnium Event 113

Posted by Soulskill from the omg-pwnies dept.
An anonymous reader writes "Last night, Google held its Pwnium 2 competition at Hack in the Box 2012, offering up a total of $2 million for security holes found in Chrome. Only one was discovered; a young hacker who goes by the alias 'Pinkie Pie' netted the highest reward level: a $60,000 cash prize and a free Chromebook (the second time he pulled it off). Google today patched the flaw and announced a new version of Chrome for Windows, Mac, and Linux."
This discussion has been archived. No new comments can be posted.

In Under 10 Hours, Google Patches Chrome To Plug Hole Found At Its Pwnium Event More

In Under 10 Hours, Google Patches Chrome To Plug Hole Found At Its Pwnium Event

Comments Filter:

  • I do wonder (Score:5, Interesting)

    by Trax3001BBS ( 2368736 ) on Wednesday October 10, 2012 @06:30PM (#41613529) Homepage Journal

    How hard Pinkie Pie had to fight not use their real name, or if Google just let it slide.

  • Crack on demand (Score:4, Interesting)

    by Xylantiel ( 177496 ) on Wednesday October 10, 2012 @06:52PM (#41613679)
    I think this demonstration of crack-on-demand is not really a good thing for chrome. This means that cracks for chrome are not worth too much more than 60k on the black market. That doesn't seem like a very high price.

  • Good to see (Score:4, Interesting)

    by dubbreak ( 623656 ) on Wednesday October 10, 2012 @06:53PM (#41613693)
    It's good to see Google is able to get patches out this quick. I've worked in small businesses that same day fixes were doable but a challenge and a government office with so much red tape pushing something to production that quick would have been impossible. I bet neither MS nor Apple could pull that off.

    Looks like Google is keeping it's hacker culture alive rather than becoming a slow moving behemoth like their competitors.

  • Non-existant QA? (Score:5, Interesting)

    by jmac880n ( 659699 ) on Wednesday October 10, 2012 @07:00PM (#41613769)

    While the turn-around time is impressive, it could not possibly have undergone extensive QA testing...

    I understand that some bugs can have such OBVIOUS solutions - what could POSSIBLY go wrong with the fix???

  • Getting people to work for you for free/cheap (Score:4, Interesting)

    by BeanThere ( 28381 ) on Wednesday October 10, 2012 @07:57PM (#41614253)

    Factoring all overheads (e.g. HR, office space, equipment), how much would a company like Google have to pay to hire a security team to do the amount of security testing work done collectively at this "competition"? Well above $2,000,000. A whole bunch of people do free testing, and one guy gets $60,000 'and a free Chromebook, wow' - not that impressive an amount, considering the amount of self-training and self-development you have to put it in to reach that level of expertise, and the amount of time needed to find a security problem. $60K is, what, maybe 6 months salary of hiring a person of that skill level to do similar work .. when you factor in overhead costs, maybe even just 3 or 4 months worth (Google would probably have been very lucky to hire someone to find that bug for that cost). Come on Google, you can afford to pay people properly for such valuable work .. I don't like these cheap tricks that companies like Google use to effectively get people to work for them for free or peanuts.

Slashdot Top Deals

If you think the system is working, ask someone who's waiting for a prompt.

Close