Pwnium competition: failed to crack ChromeOS and Chrome in Linux environment
Established by Google prize of 3.14159 million remained unclaimed. In contrast to the success of the competition Pwn2Own, which was demonstrated hacking Chrome, Firefox, IE 10, Java, Flash and Adobe Reader on Windows, parallel to the contests Pwnium left without winners.
Despite the higher fee, no one was able to demonstrate bypass security features ChromeOS and exploit vulnerabilities in the browser Chrome, running in a Linux-environment ChromeOS. However, some participants were recognized for working part eksplotity trying to attack a previously unknown vulnerability. Recall that in the hacking contest Pwn2Own Chrome was made possible by vulnerabilities in the kernel of Windows, which is allowed to go beyond the level of isolation sandbox.
For breaking out of the browser or Chrome OS operating system-level vulnerability Chrome OS, with the original work in guest mode and activation exploit the Web, was reward of 110 thousand dollars. If the attacker managed to keep their data between reboots in guest mode after attack through web, the size of the award would be increased to 150 thousand dollars.
Demonstration of an attack should be performed on the base model Samsung Series 5550 Chromebook, which is installed the latest stable version of Chrome OS. During the attack could be used any platform components, including the Linux kernel and system libraries.
Pwnium 3 is now kicking off at CanSecWest in Vancouver: https://plus.google.com/+chrome/posts/TRotibBewk9