The Pwn2Own competition, which is held every year to challenge hackers and security experts to find vulnerabilities in web browsers and mobile devices, has taken its usual share of victims with one surprise survivor during its first day.
Targeted browsers included Microsoft’s Internet Explorer 8, Mozilla’s Firefox, and Google’s Chrome, running on a Sony Vaio notebook running Windows 7 as well as Safari and Firefox on a Macbook running OS X.
After the first day of the Pwn2Own contest, Google’s Chrome browser was the only browser left standing. Firefox, Safari, and Internet Explorer, however, all fell to hackers with Safari exploited in mere seconds.
So what makes Chrome so secure? Previous Pwn2Own champion Charlie Miller says that although he did find a security hole in Google’s browser, he was unable to exploit it because of Chrome’s browser’s sandboxing feature (which is a security mechanism that keeps running code isolated using a tightly-controlled set of virtual resources) and Windows 7 security measures which combined to prevented him from exploiting any Chrome weaknesses.
Competition organisers purchase all winning vulnerabilities that are successfully used against browsers, handing them over to affected vendors, and coordinating full public disclosure to ensure all vulnerabilities are secured.