IE8, Safari, and Firefox All Fall in Hacking Test

Day One of the CanSecWest Pwn2Own hacking contest finished Wednesday, with fully-patched copies of IE8, Safari, and Firefox all falling to hacker "Nils".

IE8 and Firefox took longer than Safari, which fell in seconds, according to reports from CanSecWest where the Pwn2Own contest is held. Earlier today we reported on the agenda and final rules for the contest.

Pwn2Own is a live hacking contest at which many of the best security researchers in the world attempt to crack the products you run every day live for cash prizes. Actually, in this case some of the versions of products are a little ahead of what you run, just to make it as challenging as possible.

On a Sony Vaio running Windows 7 the following browsers will be attacked: IE8, Firefox, Chrome, followed by the Safari and Firefox browser running on a Mac.

On day 1 of the contest, hackers must attack a default installation with no added plugins. On day 2 Flash, Java, .Net, and QuickTime are added and the "attack surface" is much greater. On day 3 popular apps such as Acrobat Reader are added. For these browser tests, success means code execution within context of the application.

Success is defined as either "loss of information (user data)" or "incur financial cost".

For his exploits Nils won a cash prize and the Sony Vaio used in the contest.

A version of this story was originally posted on the PCMag.com security blog, Security Watch.