Slashdot Mirror
Every Browser Hacked At Pwn2own 2015, HP Pays Out $557,500 In Awards
darthcamaro writes: Every year, browser vendors patch their browsers ahead of the annual HP Pwn2own browser hacking competition in a bid to prevent exploitation. The sad truth is that it's never enough. This year, security researchers were able to exploit fully patched versions of Mozilla Firefox, Google Chrome, Microsoft Internet Explorer 11 and Apple Safari in record time. For their efforts, HP awarded researchers $557,500. Is it reasonable to expect browser makers to hold their own in an arms race against exploits? "Every year, we run the competition, the browsers get stronger, but attackers react to changes in defenses by taking different, and sometimes unexpected, approaches," Brian Gorenc manager of vulnerability research for HP Security Research said.
What a joke. "Modern" languages allow all sorts of security exploits through. Such as this hilarious one involving Ruby on Rails.
These are "stock" browsers without security plugins or addons, correct? None too surprising really.
You mean malware like Symantec? I agree, exploiting anything on a Symantec infested machine would take much longer... but only because everything running on that system would run at about 1/17th max throughput.
window.onbeforeunload = function(){while(1);}
Throw that on a page, close the tab, and lol.
Browsers happily execute what the page commands it to before considering what you the user commanded it to do. There are poorly-documented restrictions on things you can do during beforeunload or unload, all varying across browsers. I don't think you can alert(), you can return 'Some Shit' but it always displays a stock message ("Do you want to leave this page?"), IE will block window.open calls, etc. There's still plenty of room for you to fuck the user's experience over, however.
Eventually the browser's long-running script timer will grant you, the pitiful user, the option to fucking do what you want.