This year’s CanSecWest Pwn2Own hacking contest proved one thing: nothing is safe from concerted hack attempts in today’s digital society. No iPhone, Web browser, or much of anything else is safe, it turns out. Hackers turned out in droves to the CanSecWest event in Vancouver for the annual Olympic Games of Hacking (as it were).
Two Europeans tore into an iPhone and not only did they get through all of the security features (the phone was fully patched), but they managed to pull the entire SMS database including erased messages. ZDNet broke that story with a highlight of how it went down.
Famed hacker Charlie Miller was there to once again show that no matter how much they do to upgrade it, Safari is not a browser safe from attack. This year, he did it without even having access to the machine it was installed on, getting into the MacBook Pro from afar, according to CNET News.
No browser is safe, it turns out, as a German student demonstrated by hacking both Firefox and IE8 as well as Safari (though not remotely, as did Miller). Incidentally, the aforementioned iPhone hack took place via the Safari browser. Fair warning to Safari users.
The whole Pwn2Own event is put on by TippingPoint, who gives cash and other prizes to participants for the best hacks and explanations of their exploits. These are then shared with the vendors who make the devices and software in order to bolster security.
Most of the prizes at this year’s event were in the $10,000 and $15,000 range for top takers. In return for their prizes (and fame), participants are required not to disclose details of their techniques.