With Millions Paid in Hacker Bug Bounties, is the Internet Any Safer?
By Kim Zetter
|Security researcher “Pinkie Pie” demonstrated the exploit he developed for attacking Google’s Chrome browser earlier this year. Courtesy of Kim Zetter/Wired
The night before the end of Google’s Pwnium contest at the CanSecWest security conference this year in Vancouver, a tall teen dressed in khaki shorts, tube socks and sneakers was hunkered down on a hallway bench at the Sheraton hotel hacking away at his laptop.
With a $60,000 cash prize on the line, the teen, who goes by the hacker handle “Pinkie Pie,” was working hard to get his exploit for the Chrome browser stabilized before the close of the competition.
The only other contestant, a Russian university student named Sergey Glazunov, had already made off with one $60,000 prize for a zero-day exploit that attacked 10 different bugs.
Finally, with just hours to go before the end of the three-day competition, Pinkie Pie achieved his goal and dropped his exploit, a beauty of a hack that ripped through six zero-day vulnerabilities in Chrome and slipped out of the browser’s security sandbox.
Read more.