Google announces $2.7 million Reward for hacking Chrome OS at Pwnium Contest
Pwnium is the annual Hacking competition where Google invites coders from around the world to find security holes in Google Chrome. Google has announced its 4th Pwnium Hacking Contest hosted at the Canadian Security conference in March, offering more than $2.7 million in potential rewards for hacking Chrome OS-running ARM and Intel Chromebook.
This year the security researchers have a choice in between an ARM-based Chromebook, the HP Chromebook 11 (WiFi) and the Acer C720 Chromebook (2GB WiFi) based on Intel’s Haswell microarchitecture.
The attack must be demonstrated against one of these devices running “then-current” stable version of Chrome OS.
“Security is a core tenet of Chromium, which is why we hold regular competitions to learn from security researchers. Contests like Pwnium help us make Chromium even more secure,” Jorge Lucángeli Obes, Google Security Engineer said.
Amongst the payouts are [highlight]$110,000[/highlight] for the browser or system-level compromise in guest mode or as a logged-in user, delivered via a web page.
[frame align=”none”]Google will also pay [highlight]USD 150,000[/highlight] for providing an exploit, able to persistently compromise an HP orAcer Chromebook, i.e. hacking the device to retain control even after a reboot.[/frame]
Google further revealed that it will be giving out bonuses to all those who come up with an impressive exploit to defeat kASLR, exploiting memory corruption in the 64-bit browser process or exploiting the kernel directly from a renderer process. The full exploit must be given to Google with explanations for all individual bugs used.
“To register, email firstname.lastname@example.org. Registration will close at 5:00 p.m. PST Monday, March 10th, 2014. Only exploits demonstrated on time in this specifically-arranged window will be eligible for a reward.“
The earlier editions of Pwnium competitions focussed on Intel-based Chrome OS devices, and Google had paid out [highlight]$50,000[/highlight] to a prolific hacker who goes by “Pinkie Pie,” for an exploit.
Do you think you are up to the task? Gear up your keyboards & Give it a try!