The PWN2OWN hacking competition has been rewarding security researchers for finding flaws in web browsers for years, but never like this.
For the 2011 iteration of the contest, Google is upping the ante by offering $20,000 to the security researcher that can successfully demonstrate a security flaw in Google Chrome.
Yeaah, they’ve got guts (and brains too).
Now I know what you’re thinking – it’s not that hard to hack a browser by way of plugins right? Well that’s true, and Google won’t consider those to be flaws worth $20,000 either.
“On day 1, Google will
offer $20,000 USD and the CR-48 if a contestant can pop the browser and
escape the sandbox using vulnerabilities purely present in
Google-written code,” the PWN2OWN contest rules state. “If competitors are unsuccessful, on day 2 and 3 the
ZDI will offer $10,000 USD for a sandbox escape in non-Google code and
Google will offer $10,000 USD for the Chrome bug. Either way, plugins
other than the built-in PDF support are out of scope.”