Windows, Ubuntu, macOS, VirtualBox Fall at Pwn2Own Hacking Contest (zdnet.com) 26
The 2020 spring edition of the Pwn2Own hacking contest has come to a close today. This year's winner is Team Fluoroacetate -- made up of security researchers Amat Cama and Richard Zhu -- who won the contest after accumulating nine points across the two-day competition, which was just enough to extend their dominance and win their fourth tournament in a row. From a report: But this year's edition was a notable event for another reason. While the spring edition of the Pwn2Own hacking contest takes place at the CanSecWest cyber-security conference, held each spring in Vancouver, Canada, this year was different. Due to the ongoing coronavirus (COVID-19) outbreak and travel restrictions imposed in many countries around the globe, many security researchers couldn't attend or weren't willing to travel to Vancouver and potentially put their health at risk. Instead, this year's Pwn2Own edition has become the first-ever hacking contest that has been hosted in a virtual setting. Participants sent exploits to Pwn2Own organizers in advance, who ran the code during a live stream with all participants present. During the competition's two-day schedule, six teams managed to hack apps and operating systems like Windows, macOS, Ubuntu, Safari, Adobe Reader, and Oracle VirtualBox. All bugs exploited during the contest were immediately reported to their respective companies.
Re: (Score:2)
Aah, the snobbery cycle took another step. (Score:2)
I bet you never even heard of 1337$p34k, kid. And now your body is mature, but your mind isn't.
Yeah, I was actually a kid, when this was at its peak. Discovering the Jargon File of my ancestors, carrying a user name containing that word that now ran out of coolness long ago, when iPeople like you started using it three times a day: "cyber". ... and evolving from a script kiddie into writing my first proper crack, and slowly becoming fully l33t/1337.
We used that speak just for one reason: Because it was fun
Re: (Score:2)
"pwn" is what a retarded kid says in chat
Modded to oblivion, but... lie not detected.
Left out one company (Score:1)
The bugs were reported to the NSA/CIA/FBI blah blah blah too. They may have already known of them though.
OpenBSD (Score:2)
Was it allowed to play ?
Re:OpenBSD (Score:5, Funny)
They couldn't get wifi drivers for the workstation.
Re: (Score:2)
LOL - Hold on let me recompile the kernel.
Good! (Score:3)
Junkets are fun but the sooner we use the magnificent technology we developed to reduce meat gatherings the better.
We should not have to move physically to interact intellectually.
It's obscenely polluting and wasteful of resources. If we're going to be serious about global warming reduction it's vital to minimize the human transport footprint and make the goods transport footprint extremely efficient via automation and clean energy. We can do this but don't want to. The coercion of circumstance is a push in the right direction.
Re: (Score:1)
No. No. No! (Score:4, Insightful)
Junkets are fun but the sooner we use the magnificent technology we developed to reduce meat gatherings the better.
We should not have to move physically to interact intellectually.
It's obscenely polluting and wasteful of resources. If we're going to be serious about global warming reduction it's vital to minimize the human transport footprint and make the goods transport footprint extremely efficient via automation and clean energy. We can do this but don't want to. The coercion of circumstance is a push in the right direction.
I knew... knew ... that some people would start trying to take advantage of this bug to start reshaping people to their liking. "Never let a crisis go to waste"
Un uh. F#&% that. F#&$ this whole anti-man attitude, where we no longer congregate, play, work, and interact with each other. In the name of the Earth. Or a virus. Or pick any other damn emergency you'd like, because there's always going to be another one. I refuse to become a virtually disembodied brain that runs from home and never leaves my door in the name of the environment, COVID, or anything else.
SUPPLEMENT physical interaction with virtual gatherings? Sure. Replace them? No. No. No.
Re: (Score:2)
Exactly. Humans are social creatures, and like all complex beings, there are those who need plenty of human interaction, and those who need less, and those who probably shouldn't interact with others at all. This whole work from home will work for a couple of weeks, but then things will degenerate as people get cabin fever. The only thing stemming the
Re: (Score:2)
You're talking to someone calling themselves "couchslug" - sounds like a fat, lazy, antisocial individual who's happy that he can now justify avoiding face-to-face interaction and physical travel.
Ubuntu but not Linux (nor Android)? (Score:2)
I'd like to see what exactly they got in through...
It's not in the article. Just some vague statement about input validation on the "Desktop". Do they mean the login manager? Or some graphical sudo?
Re: (Score:3)
I'd like to see what exactly they got in through...
It's not in the article. Just some vague statement about input validation on the "Desktop". Do they mean the login manager? Or some graphical sudo?
Perhaps you can just look at their security tracker and find the info there? https://usn.ubuntu.com/ [ubuntu.com] latest entry seems to fit: https://usn.ubuntu.com/4308-1/ [ubuntu.com]
Re: (Score:3)
ChromeOS? (Score:2)
No mention of ChromeOS? It usually wins every year.
can you run an sever on that? (Score:2)
can you run an sever on that?
Re: (Score:2)
Is the contest limited to server OSs?
Re: (Score:2)
Chrome OS was not in the competition: https://www.thezdi.com/blog/20... [thezdi.com]
Fluoroacetate ... (Score:2)
... as everyone knows, is the cause of gifblaar poisoning.