TippingPoint sponsors an annual browser security contest called Pwn2Own, where the first security researcher to compromise a platform through a browser exploit gets to take the system home. This year's browser targets were IE8, Firefox, and Google Chrome running on Sony VAIO laptops, and Safari on a MacBook. Safari fell almost immediately, and Firefox and IE8 followed soon afterwards. The only survivor was Google Chrome, which might be a good argument in favor of Google's approach to browser security: segregating pages and browser components from each other in separate operating system processes, so that compromising a page renderer does not by itself give an attacker the rest of the browser.

One fascinating tidbit was this interview with Charlie Miller, the researcher who created the Safari exploit. There are a number of interesting points here. It's pretty clear that the idea that vulnerabilities have (and should have) a market value is now firmly entrenched with many top security researchers. When asked if he thought of providing details of his exploit to Apple, he responded thus:

I never give up free bugs. I have a new campaign. It's called NO MORE FREE BUGS. Vulnerabilities have a market value so it makes no sense to work hard to find a bug, write an exploit and then give it away. Apple pays people to do the same job so we know there's value to this work. No more free bugs.

Here at Nullcube we still think that notifying vendors of problems in their software is a laudable public service - but perhaps we're out of touch. Miller's assessment of the relative difficulty of compromising the various platforms on offer is also worth reading.

As part of the contest rules the vulnerabilities become the property of TippingPoint, so no details on the exact problems have been released.

Copyright © 2009 Nullcube. All Rights Reserved.