HP To Battle Google Staff In Hacking Contest

Hewlett-Packard and its Zero Day Initiative (ZDI) effort have sponsored the Pwn2Own contest at the CanSecWest conference for years now.

At the Pwn2Own event, independent security researchers square off against each other hacking Web browsers for prize money. Never before has HP’s own researchers participated in the actual hacking contest, but that is now set to change.

Hacking Contest

HP is announcing today the Pwn4Fun event at Pwn2Own, where HP ZDI staff will compete against Google staff to see who can hack browsers with new previously undisclosed exploits.

In the regular Pwn2Own event, researchers are awarded prize money for successful exploitation of Microsoft’s Internet Explorer 11, Mozilla’s Firefox, Apple’s Safari and Google’s Chrome Web browsers. This year’s Pwn2Own event will include a special $150,000 (£90,000) prize for a researcher who is able to successfully exploit IE 11 running on a 64-bit Windows 8.1 operating system, with the Enhanced Mitigation Experience Toolkit (EMET) running.

For the Pwn4Fun event, instead of giving HP and Google researchers prize money, HP is donating money to charity. For an IE or Chrome exploit, HP will donate $50,000 (£29,997); for a Flash exploit, $37,500 (£22,507) will be donated. The Canadian Red Cross will be the recipient.

Brian Gorenc, manager of Vulnerability Research at HP’s Security Research division, told eWEEK that his team will be limiting itself to vulnerabilities discovered internally by members of the ZDI team.

“Vulnerabilities submitted through our external research community are out of scope for our entries,” Gorenc said. “ZDI is using any means necessary to find the flaws that can be used in the competition, with a goal of donating as much money to charity as possible.”

Charity Win

Gorenc said the charity attempts by ZDI and Google will be the first to go at Pwn2Own when the event starts on 12 March.

“Our goal is to ensure every contestant has equal opportunity to win,” he said.

As to why HP is now starting the Pwn4Fun event, Gorenc has a simple answer: “Why not?”

“Pwn2Own highlights some of the best exploit developers in the world,” Gorenc said. “This new session within Pwn2Own provides employees in both HP and Google with the ability to participate, show off their skills and donate a bunch of money to charity.”

He added, “It is a win-win for everyone.”

Are you a security pro? Try our quiz!

Sean Michael Kerner

Sean Michael Kerner is a senior editor at eWeek and contributor to TechWeek

Recent Posts

Apple, Google Mobile Ecosystems Should Be Investigated, CMA Told

CMA receives 'provisional recommendation' from independent inquiry that Apple,Google mobile ecosystem needs investigation

3 days ago

Australia Rejects Elon Musk Claim About Social Media Ban For Under-16s

Government minister flatly rejects Elon Musk's “unsurprising” allegation that Australian government seeks control of Internet…

3 days ago

Northvolt Files For Bankruptcy Protection In US

Northvolt files for Chapter 11 bankruptcy protection in the United States, and CEO and co-founder…

3 days ago

UK’s CMA Readies Cloud Sector “Behavioural” Remedies – Report

Targetting AWS, Microsoft? British competition regulator soon to announce “behavioural” remedies for cloud sector

3 days ago

Former Policy Boss At X, Nick Pickles, Joins Sam Altman Venture

Move to Elon Musk rival. Former senior executive at X joins Sam Altman's venture formerly…

4 days ago

Bitcoin Rises Above $96,000 Amid Trump Optimism

Bitcoin price rises towards $100,000, amid investor optimism of friendlier US regulatory landscape under Donald…

4 days ago