Hewlett-Packard and its Zero Day Initiative (ZDI) effort have sponsored the Pwn2Own contest at the CanSecWest conference for years now.
At the Pwn2Own event, independent security researchers square off against each other hacking Web browsers for prize money. Never before has HP’s own researchers participated in the actual hacking contest, but that is now set to change.
HP is announcing today the Pwn4Fun event at Pwn2Own, where HP ZDI staff will compete against Google staff to see who can hack browsers with new previously undisclosed exploits.
In the regular Pwn2Own event, researchers are awarded prize money for successful exploitation of Microsoft’s Internet Explorer 11, Mozilla’s Firefox, Apple’s Safari and Google’s Chrome Web browsers. This year’s Pwn2Own event will include a special $150,000 (£90,000) prize for a researcher who is able to successfully exploit IE 11 running on a 64-bit Windows 8.1 operating system, with the Enhanced Mitigation Experience Toolkit (EMET) running.
Brian Gorenc, manager of Vulnerability Research at HP’s Security Research division, told eWEEK that his team will be limiting itself to vulnerabilities discovered internally by members of the ZDI team.
“Vulnerabilities submitted through our external research community are out of scope for our entries,” Gorenc said. “ZDI is using any means necessary to find the flaws that can be used in the competition, with a goal of donating as much money to charity as possible.”
Gorenc said the charity attempts by ZDI and Google will be the first to go at Pwn2Own when the event starts on 12 March.
“Our goal is to ensure every contestant has equal opportunity to win,” he said.
As to why HP is now starting the Pwn4Fun event, Gorenc has a simple answer: “Why not?”
“Pwn2Own highlights some of the best exploit developers in the world,” Gorenc said. “This new session within Pwn2Own provides employees in both HP and Google with the ability to participate, show off their skills and donate a bunch of money to charity.”
He added, “It is a win-win for everyone.”
Are you a security pro? Try our quiz!
CMA receives 'provisional recommendation' from independent inquiry that Apple,Google mobile ecosystem needs investigation
Government minister flatly rejects Elon Musk's “unsurprising” allegation that Australian government seeks control of Internet…
Northvolt files for Chapter 11 bankruptcy protection in the United States, and CEO and co-founder…
Targetting AWS, Microsoft? British competition regulator soon to announce “behavioural” remedies for cloud sector
Move to Elon Musk rival. Former senior executive at X joins Sam Altman's venture formerly…
Bitcoin price rises towards $100,000, amid investor optimism of friendlier US regulatory landscape under Donald…