SoylentNews is people

posted by janrinok on Saturday March 21 2015, @11:02PM
from the lynx-FTW dept.

The annual Pwn2Own hacking competition wrapped up its 2015 event in Vancouver with another banner year, paying $442,000 for 21 critical bugs in all four major browsers, as well as Windows, Adobe Flash, and Adobe Reader.

The crowning achievement came Thursday as contestant Jung Hoon Lee, aka lokihardt, demonstrated an exploit that felled both the stable and beta versions of Chrome, the Google-developed browser that's famously hard to compromise. His hack started with a buffer overflow race condition in Chrome. To allow that attack to break past anti-exploit mechanisms such as the sandbox and address space layout randomization, it also targeted an information leak and a race condition in two Windows kernel drivers, an impressive feat that allowed the exploit to achieve full System access.

[Related]: http://h30499.www3.hp.com/t5/HP-Security-Research-Blog/Pwn2Own-2015-Day-Two-results/ba-p/6722884#.VQwyVuF7S_Y

 
  • (Score: 2) by bzipitidoo on Sunday March 22 2015, @02:10AM

    by bzipitidoo (4388) on Sunday March 22 2015, @02:10AM (#160928) Journal

    Which 4 browsers did they mean by "major"? 3 of them had to be Firefox, Chrome, and IE. Was the 4th Opera? Maybe SeaMonkey? No, it was Safari.

  • (Score: 3, Touché) by CirclesInSand on Sunday March 22 2015, @02:15AM

    by CirclesInSand (2899) on Sunday March 22 2015, @02:15AM (#160930)

    So Lynx is still secure?

    • (Score: 2) by Appalbarry on Sunday March 22 2015, @03:33AM

      by Appalbarry (66) on Sunday March 22 2015, @03:33AM (#160954) Journal

      Only if you don't install JavaScript....

    • (Score: 3, Interesting) by jasassin on Sunday March 22 2015, @10:44PM

      by jasassin (3566) <jasassin@gmail.com> on Sunday March 22 2015, @10:44PM (#161282) Homepage Journal

      So Lynx is still secure?

      OpenBSD just removed Lynx from the base install. I tried finding out why; there were at least a few references to security being a reason, but no specific exploits listed. Maybe someone here has some better kung fu and can find out why OpenBSD just removed Lynx from the base install?

      --
      jasassin@gmail.com GPG Key ID: 0x663EB663D1E7F223
  • (Score: 1, Informative) by Anonymous Coward on Monday March 23 2015, @10:52AM

    by Anonymous Coward on Monday March 23 2015, @10:52AM (#161411)

    Safari is the default browser on OS X and iOS.

    Opera and SeaMonkey have nothing on that.