Pwn2Own 2010: Google Chrome is the last man standing

**Skiz** · 04-02-2010, 05:43 AM

Pwn2Own 2010: Google Chrome is the last man standing
Mar 25th 2010 at 9:01AM

" Pwn2Own 2010 is under way, and after day one of the annual security showdown the results are darn near an exact replica of last year's. Safari was the first to fall, followed by Internet Explorer 8 on Windows 7. Firefox on Windows 7 x64 was also taken down, as was the iPhone's mobile Safari. Google Chrome, however, has yet to succumb.

Once again, it's Chrome's sandbox which is making things difficult. At last year's Pwn2Own, Charlie Miller had this to say:

"There are bugs in Chrome but they're very hard to exploit. I have a Chrome vulnerability right now but I don't know how to exploit it. It's really hard. They've got that sandbox model that's hard to get out of. With Chrome, it's a combination of things - you can't execute on the heap, the OS protections in Windows and the Sandbox."

Miller successfully targeted Safari on OsX using one of 20 exploits he had at the ready -- exploits which he uncovered using a simple 5-line Python script. "Tomorrow, I'm going to describe exactly how I found them, so hopefully that means Apple will replicate what I did and they'll find my 20 [bugs] and probably a lot more," Miller stated.

The mobile Safari attack was particularly impressive, since running code on the iPhone requires a valid digital signature. By rearranging bits of pre-signed code, Halvar Flake of Zynamics was able to deliver a malicious payload via Safari and force the iPhone to cough up its complete SMS database. Contacts and messages were laid bare -- including deleted ones.

While most (if not all) of these exploits aren't being used in the wild, it's still an indication of just how scary the landscape of the Internet is right now. How do you stay safe? Google Chrome looks like a good choice, obviously, but there's another option: Opera.

As one participant put it, "I use Opera, but that's basically because it has a tiny market share and as far as I know, nobody is really interested in creating a drive-by download for Opera."

Gotta love security by obscurity -- am I right, Apple fans? "

Source: Pwn2Own 2010: Google Chrome is the last man standing

Homepage: http://www.downloadsquad.com/

**Sporkk** · 04-02-2010, 08:04 AM

I'm trying to get in the habit of using sandboxie with whatever browser I'm using at the moment. They say the 64 bit version of ie8 is also very isolated and secure.

**Aum** · 04-06-2010, 02:10 PM

I came a little.

**yuit** · 04-09-2010, 09:47 PM

interesting. wonder if there are any performance penalties in chrome for being so secure

**Sporkk** · 04-09-2010, 10:44 PM

Actually Chrome is faster than firefox or ie. I will switch when AB+ is available for it.

**anon** · 04-09-2010, 10:47 PM

Originally Posted by jedispork

Actually Chrome is faster than firefox or ie.

Is it faster than Opera 10.50?

**icyboy** · 04-20-2010, 11:20 AM

If chome has more optional extensions as firefox,mostly something like ABP and many other excellent ones，I bet chrome will have a large share。
Now I’m using firefox with noscript，it's much safer！

**Sporkk** · 04-20-2010, 01:11 PM

I didn't find no script to be worth the hassle. If a site is compromised you can still be attacked through your white list fwir. I like the virtualized security like sandboxie but noscript could still be cool to see whats going on.

**ca_aok** · 04-20-2010, 07:28 PM

I use NoScript... it's annoying to set up your initial whitelist of sites you frequent but afterwards it works quite well. CookieSafe is another decent extension that works just like NoScript does except with cookies rather than scripts.