START A PETITION 25,136,189 members: the world's largest community for good
Oct 12, 2012

A teenage hacker who goes by the name of “Pinkie Pie” will receive $60,000 in prize money from Google, by producing the first Chrome vulnerability at the Hack in the Box conference on Wednesday. The exploit was discovered and successfully launched just ahead of the deadline for completion, according to early reports from the event. Before awarding the cash prize, Google had to first verify and confirm the vulnerability – which it just now did, the company tells us via email. More details have also been posted to the Google Chrome blog.

According to the blog post, the hack involves the following exploit:

[$60,000][154983][154987] Critical CVE-2011-2358: SVG use-after-free and IPC arbitrary file write. Credit to Pinkie Pie.

Google has set aside $2 million in prize money for hackers who find security vulnerabilities in its Chrome web browser, with $60,000 being reserved for those who find “full Chrome exploits.” $50,000 which is offered for partial exploits, and $40,000 for non-Chrome exploits – that is, other bugs found in Flash, Windows, or a driver that are not necessarily specific to Chrome, but could cause issues for users. Google said in February that it would awards those latter prizes because it also served the company’s overall mission of “making the entire web safer.” (The prize amounts have since changed.) Incomplete exploits may also be rewarded, based on judges’ decisions.

This is the second time “Pinkie Pie” has earned the top prize. In March, the hacker also earned $60,000 in the first “Pwnium competition” (as the event is called) by stringing together six vulnerabilities in order to break out of Chrome’s sandbox. According to a report from Infoworld, the hacker was not attending the Hack in the Box event this week, but had a colleague submit his latest entry for him.

In case you’re curious, the hacker is only identified by his handle “Pinkie Pie” because his employer doesn’t authorize his activity, noted Wired in March. (And yes, “Pinkie Pie” refers to the My Little Pony TV show, which has quite the following on Reddit).

Google has been offering cash rewards for those discovering security vulnerabilities and other bugs for some time. In March 2010, for example, the company began offering bounties for bugs found in the open-source browser Chromium (Chrome’s code base), which started at $500 and went up to $1,337 (yep, “leet” in hacker lingo).

Visibility: Everyone
Tags: , , , , , , ,
Posted: Oct 12, 2012 12:35am
Jan 1, 2005
Predicting the future is hard, but that doesn’t stop us from trying. We’re Wired, after all.

Ten years ago, we boldly declared that we’d be living with phones on our wrists, data-driven 

goggles on our eyes and gadgets that would safety-test our food for us. Turns out, a lot of 

the things Sonia Zjawinski conceptualized in our “Living in 2013” feature way back in 2003 

were remarkably close to what we’ve seen. We even got the iPhone right (sort of).

And so, as we look back on life in 2013 circa 2003, we’re going to spin it forward once again 

to tell you what life will be like in 2023.

Predicted for 2003 (above):

Apple redefined the desktop, laptop, and MP3 player. The next insanely great thing: an LCD 

arm cuff that includes a PDA, wireless Internet, a mini iPod, and, of course, a phone. The 

iPhone bracelet's motion sensor allows you to scroll through apps and files with the flick of 

a wrist, its clasp holds a digicam for use during video calls, and its wireless ear clip lets you 

listen and speak to callers. And everything can be done via voice recognition or touchscreen. 

Delivered in 2013:

Hey, it turns out, Apple gave us an iPhone after all! We got the name right, and even seemed 

to know about FaceTime. But the form factor details? Not so much. While you can wear an 

iPod nano as a watch, or make a call with your iPhone, if you want the watch-plus-phone 

combination that we teased you with 10 years ago, for now you'll need to pick up a secondary 

gadget that can transmit to your phone, like this Pebble.

Looking ahead to 2023:

Here's the thing, the screen on a watch is simply too small to display lots of data. And as an 

input device? Forget it. Yet keeping your phone out of sight means you often can't interact with 

your data on the go. The obvious answer is a variable size display. Samsung has already 

demonstrated a pretty convincing foldable OLED display prototype. Given 10 more years, we can 

easily see one screen serving multiple purposes by taking on multiple form factors, depending on

whether you wanted to simply glance at it to read a message, or unfold it to write your reply.

Visibility: Everyone
Tags: , , ,
Posted: Jan 1, 2005 11:05pm


Content and comments expressed here are the opinions of Care2 users and not necessarily that of or its affiliates.


Howard L.
, 0
Shares by Type:
All (9) | Blog (9)

Showing shares tagged with: adventures [show all]
No shares