Slashdot Mirror


Microsoft's Edge Was Most Hacked Browser At Pwn2Own 2017, While Chrome Remained Unhackable (tomshardware.com)

At the Pwn2Own 2017 hacking event, Microsoft's Edge browser proved itself to be the least secure browser at the event, after it was hacked no less than five times. Google's Chrome browser, on the other hand, remained unhackable during the contest. Tom's Hardware reports: On the first day, Team Ether (Tencent Security) was the first to hack Edge through an arbitrary write in the Chakra JavaScript engine. The team also used a logic bug in the sandbox to escape that, as well. The team got an $80,000 prize for this exploit. On the second day, the Edge browser was attacked fast and furious by multiple teams. However, one was disqualified for using a vulnerability that was disclosed the previous day. (The teams at Pwn2Own are supposed to only use zero-day vulnerabilities that are unknown to the vendor.) Two other teams withdrew their entries against Edge. However, Team Lance (Tencent Security) successfully exploited Microsoft's browser using a use-after-free (UAF) vulnerability in Chakra, and then another UAF bug in the Windows kernel to elevate system privileges. The exploit got the team $55,000. Team Sniper (Tencent Security) also exploited Edge and the Windows kernel using similar techniques, which gained this team the same amount of money, as well. The most impressive exploit by far, and also a first for Pwn2Own, was a virtual machine escape through an Edge flaw by a security team from "360 Security." The team leveraged a heap overflow bug in Edge, a type confusion in the Windows kernel, and an uninitialized buffer in VMware Workstation for a complete virtual machine escape. The team hacked its way in via the Edge browser, through the guest Windows OS, through the VM, all the way to the host operating system. This impressive chained-exploit gained the 360 Security team $105,000. The fifth exploit against Edge was done by Richard Zhu, who used two UAF bugs--one in Edge and one in a Windows kernel buffer overflow--to complete the hack. The attack gained Zhu $55,000.
At last year's Pwn2Own 2016, Edge proved to be more secure than Internet Explorer and Safari, but it still ended up getting hacked twice. Chrome was only partially hacked once, notes Tom's Hardware.

28 of 147 comments

  1. Windows and Edge security by Anonymous Coward · · Score: 5, Informative

    are an oxymoron.

  2. Um, Edge is more secure than Chrome... by Biogoly · · Score: 5, Funny

    Or are you going to tell me those Windows 10 pop-ups are lying? Hmmm?

    1. Re: Um, Edge is more secure than Chrome... by Anonymous Coward · · Score: 3, Funny

      I use Chrome on Windows so I get the best possible ad experience, since both Microsoft and Google get my preferences that way, instead of just one megacompany.

  3. But, but. . . by quonset · · Score: 4, Funny

    It gives your laptop better battery life!

  4. Re:I use chrome by 110010001000 · · Score: 4, Informative

    Why are you running Chrome without an adblocker? I really don't understand people. Use an adblocker, always. Use Ghostery if you are worried about tracking.

  5. Re:I use chrome by geekmux · · Score: 3, Insightful

    ...it's hideous how it tracks you.

    I don't have anywhere close to this unnerving tracking with Safari or Firefox.

    You're running a browser created by the same organization who has essentially indexed our digital universe, and turned that into a multi-billion dollar empire.

    At this point, shareholders practically demand perpetuating "hideous" activity.

    The irony here is Chrome users feel more secure than ever.

  6. Re:Firefox? by Gnu+Zealand · · Score: 2

    No matter; it was in the article. (blush) "Firefox" "Firefox was back at this year’s Pwn2Own after missing last year, seemingly because the browser would’ve been too easy to hack. Things have changed a little since then, though; Firefox has gained some partial sandboxing capabilities. Two hacking attempts were made against Mozilla’s browser during the contest. Only one succeeded through an integer overflow in Firefox and an uninitialized buffer in the Windows kernel to elevate system privileges."

  7. Re:Firefox? by Anonymous Coward · · Score: 5, Funny

    The Firefox target host ran out of RAM and crashed before it could be p0wned.

  8. Re:do they ever test secure configurations? by gweilo8888 · · Score: 4, Insightful

    Yes, how dare they test things in the default configuration that only 99% of users will be using.

  9. Re:LOL by speedplane · · Score: 2

    What else is there to say?

    I'm starting to feel bad for MS these days. They've gotten so much better and are no longer truly evil, but just can't win.

    --
    Fast Federal Court and I.T.C. updates
  10. Bugs du jour by nuntius · · Score: 5, Insightful

    Interesting how well-known issues such as use-after-free, heap overflow, type confusion, and uninitialized memory are still common attack vectors.

    Seems to support the arguments for efficient, type-safe languages such as Rust.

    1. Re:Bugs du jour by AmiMoJo · · Score: 5, Interesting

      Chrome is mostly C, and it's the only one that didn't get hacked. Relying on type-safe languages doesn't seem to be as important as designing your app to be secure from the ground up.

      Chrome is actually a pretty impressive bit of engineering. It's extremely secure, but also extremely fast. It takes unchecked, often malicious data as an input and safely and quickly displays it. There is even a high performance scripting language built in. Apparently this is quite a hard thing to do as well, since everyone else keeps failing at it.

      --
      const int one = 65536; (Silvermoon, Texture.cs)
      SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
  11. Here come all of the Indians hired to do PR by marcgvky · · Score: 2, Funny

    And the bulk of comments will be that Microsoft is so wonderful, in spite of the mega-awful flaws.... we love it! Right?

  12. Chinese? by speedplane · · Score: 4, Interesting

    Is it just me, or was every single winner in Pwn2Own Asian? Here's the YouTube video: https://www.youtube.com/watch?...

    It's not entirely clear what Asian country everyone is from (or perhaps they're Asian-American), but assuming none of them are from the U.S., it should make those in government U.S. cybersecurity a bit anxious, and perhaps give pause to our new-found love of immigration restrictions.

    --
    Fast Federal Court and I.T.C. updates
    1. Re:Chinese? by ckatko · · Score: 4, Insightful

      US intelligence is already shitting their pants over the "failure of the last decade" if you wanted the last C-SPAN Senate hearing about the Russian/Trump thing. Seriously, watch it. It's pretty insightful (a thousand times more depth than the shit headlines CNN/MSNBC/et al are running.)

    2. Re:Chinese? by jbmartin6 · · Score: 5, Interesting

      Tencent (3 of the winning teams) is a Chinese company, the dominant player in chat/communications in China. Owns both WeChat and QQ. Not surprising they would field a strong hacking team.

      --
      This posting is provided 'AS IS' without warranty of any kind, implied or otherwise.
  13. Chrome remained unhackable? by ColaMan · · Score: 5, Interesting

    Chrome might have remained unhackable.

    Or quite possibly people can get more money for their Chrome exploits elsewhere, so they naturally don't want to submit - and then lose - good exploits here in this competition.

    --

    You are in a twisty maze of processor lines, all alike.
    There is a lot of hype here.
    1. Re:Chrome remained unhackable? by StormReaver · · Score: 2

      Or quite possibly people can get more money for their Chrome exploits elsewhere....

      The same could be said for Internet Explorer, Safari, Firefox, and Edge. The more likely explanation is that Chrome is just more secure than the other browsers, and that Edge is just as bad as Internet Explorer (which makes sense, since Microsoft is incapable of making a decent Web browser).

    2. Re:Chrome remained unhackable? by AmiMoJo · · Score: 5, Interesting

      Why couldn't they also claim the bug bounty? Google has a non-public submission process, so just submit your report a few days before the event to claim the bug bounty and then use it in the competition. Google aren't going to patch it in that time frame, and besides the version to be used is announced in advance.

      --
      const int one = 65536; (Silvermoon, Texture.cs)
      SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
  14. Re:do they ever test secure configurations? by MightyMartian · · Score: 2, Interesting

    Your web experience must be thrilling, kind of like surfing the web in 1995. Christ, just use gopher to get the full glory of the 1990s Internet experience.

    --
    The world's burning. Moped Jesus spotted on I50. Details at 11.
  15. Re:LOL by MightyMartian · · Score: 2

    I have OneDrive ads popping up on one of my computers every time a File save dialog opens. Microsoft is the same evil, dirty player it ever was. It just doesn't have penetration on the biggest growth platform, so its position is more vulnerable.

    --
    The world's burning. Moped Jesus spotted on I50. Details at 11.
  16. The teams found out 3 months ago Chrome was secure by raymorris · · Score: 2

    The teams didn't just decide that morning "hey let's compete in Pwn2Own today". They prepared months in advance, testing all the browsers to see what they could do. Perhaps a month or two before the event, they decided which browser they had the best exploits for, the browser they would focus on during the actual competition.

    All the teams but one learned from their testing that they wouldn't be able to hack Chrome. One team thought it was their best chance and that team failed.

  17. Re: LOL by Anonymous Coward · · Score: 4, Insightful

    You shouldn't have to turn off ads on your fucking computer, there should be no ads.

  18. There is a basic reason, Edge has no community by Ilgaz · · Score: 5, Interesting

    Edge isn't open source, it has no developer community, no user community like Firefox who will mercilessly bash it until it goes the right direction, no incentive to be secure.

    You can steal millions from Google with a basic, unpublished cookie hack as they are the largest advertising company on the planet. So, they are damn careful about their code. Chromium which eventually ends up to be Chrome has its own community. Additionally, there is a huge privacy fanatic user community, developer community in Mozilla.

    Edge is a browser which comes with the OS, nothing else.

  19. Re:LOL by serviscope_minor · · Score: 4, Informative

    They've gotten so much better and are no longer truly evil,

    Yeah they are. They have less utter dominance of the PC market, so have less opportunity to be evil in a very public and mustache twirling way, but don't be fooled.

    Take for example SDXC and exFAT. exFAT is a not especially good and not innovative filesystem that exists for the sole purpose for Microsoft to have some patents on it so they can engage in rent seeking. A great example is managing to somehow manipulate the SD card forum into adopting it so the only compliant cards must use it.

    It's a transparent attempt at both rent seeking and blocking open source software.

    --
    SJW n. One who posts facts.
  20. Re:Pity, since I can't accept the EULA by OpenSourced · · Score: 2

    don't work on circumvention tools

    So that's how Chrome remains unhackable!

    --
    Rome taught me patience and assiduous application to detail. Virtues which temper the boldness of great, general views.
  21. Underpaid researchers by Robert+Goatse · · Score: 2

    $105K for 3 zero days for the VMware escape sounds hideously low. I bet those guys could get 10x that amount 'somewhere else'.

  22. Re:I use chrome by kilodelta · · Score: 2

    There's no reason to run a browser without AdBlock and ScriptSafe. That would be my minimum.