Google challenges Chrome OS hackers with $2.7m bounty

Operating Systems

by CBR Staff Writer| 28 January 2014

Hackers who can persistenty compromise an HP or Acer Chromebook will receive the highest bounty.

Google announced a whopping $2.7m bounty to security professionals if they crack the security of Chrome operating system at the upcoming Pwnium 4 hacking contest to be held in March 2014 at the CanSecWest security conference in Canada.

During the event, security researchers have to choose between Intel- or ARM-powered laptops, unlike last year when they had to crack a Chromebook powered by Intel processor.

Hackers must be able to exploit the kernel directly via a renderer process, exploiting memory corruption in the 64-bit browser process or defeating Kernel Address Space Layout Randomization (KASLR) that boosts complexity of threats to occur.

Google security engineer Jorge Obes said that security is a core tenet of Chromium [the foundation of Chrome and Chrome OS], which is why we hold regular competitions to learn from security researchers.

"Contests like Pwnium help us make Chromium even more secure," Obes said.

"This year Pwnium 4 will once again set sights on Chrome OS, and will be hosted in March at the CanSecWest security conference in Vancouver."

Hackers who successfully exploit the OS would be get prizes of $110,000 and $150,000, while the highest bounty would be rewarded to hackers delivering an exploit that can persistently compromise a HP or Acer Chromebook.

"New this year, we will also consider significant bonuses for demonstrating a particularly impressive or surprising exploit," Obes added.

"Potential examples include defeating kASLR, exploiting memory corruption in the 64-bit browser process or exploiting the kernel directly from a renderer process."

Post a comment

Comments may be moderated for spam, obscenities or defamation.
Privcy Policy

We have updated our privacy policy. In the latest update it explains what cookies are and how we use them on our site. To learn more about cookies and their benefits, please view our privacy policy. Please be aware that parts of this site will not function correctly if you disable cookies. By continuing to use this site, you consent to our use of cookies in accordance with our privacy policy unless you have disabled them.