In a recent annual hacking competition,held on March 24th 2010, a total prize fund of $100,000 was awarded to hackers (sorry..cough…security experts) who successfully break into various types of software. The big four web browsers were among these targets. These browsers are fully up to date with all security patches, so the hackers have to discover unknown vulnerabilities (they have all year to prepare!) and they just hope that the vulnerabilities aren’t discovered and fixed days before the event!
Anyway, the first browser to fall (in a few seconds to Charlie Miller) was Safari on the Mac OS X. So much for the Mac being secure! A case of security through obscurity…
Another guy “Nils” successfully cracked Firefox, I.E and Safari.This was on Windows 7 on the first day. On the second two days, the task of cracking IE7 on Vista and XP was trivial as the 64 bit version of Windows 7 is microsoft’s most secure desktop product, combining kernel patch protection with User Account Control UAC
After three days, no-one had hacked Google Chrome. This was stated to be because of the “sandbox” feature of Chrome that helps to isolate it from the operating system.
There were also prizes offered for cracking mobile phone software. The iPhone fell during the first session.
Further reading from the pwn2own organizers