Interact with the security community
CanSecWest, the world's most advanced conference focusing on applied digital security, is about bringing the industry luminaries together in a relaxed environment which promotes collaboration and social networking. The conference lasts for three days and features a single track of thought provoking presentations, each prepared by an experienced professional and talented educator who is at the cutting edge of his or her field. We give preference to new and innovative material, highlighting important, emergent technologies, techniques, or best industry practices.
The conference is single track, with one hour presentations over the duration beginning at 9:00 a.m. The registration fee includes the catered meals, and there will be a vendor display and lounge/eating area, where wireless internet access will be available (as well as in the speaking theater). The conference discount hotel room booking system can be found https://www.starwoodmeeting.com/Book/CSW2015">here.
Today Tipping Point ZDI announced their PWN2OWN 2010 prizes and challenges - with awards totaling more than $100,000 USD. Their announcement can be found on the DVLabs Blog.
$40,000 of prizes are allocated for the Browser exploitation challenge, which will feature a gradually expanding attack surface over the three days of the competition during the conference consisting of progressively less operating system exploit mitigations consiting of older operating system versions (Windows 7, Vista, and XP; Snow Leopard, Leopard). The four browser targets for the challenge are:
- Microsoft Internet Explorer (Version 8 on Windows 7, Version 7 on Vista and XP)
- Mozilla Firefox 3
- Google Chrome 4
- Apple Safari 4
$60,000 of prizes are allocated to the mobile challenge, which is in itself a statement about the import and priority we expect mobile platform security to play in our future computing environment. The four mobile targets were selected by market share and importance to be:
- Apple iPhone
- RIM Blackberry
- Nokia Symbian
- Google Android
Some specific target models are listed on the TippingPoint blog, but a final detailed hardware platform list will be published shortly. As in previous years contestants will be able to keep the laptop targets and mobile phones they successfully compromise. Also like in previous years, compromise to get the prizes will require a real demonstration of a practical attack in a real-world scenario. A detailed list of the hardware prizes will also follow shortly. This year we would like to thank COSEINC for their sponsorship of the hardware prizes.
For 2010 the rules were discussed and selected by a committee of vendors, previous contestants, and noted technical advisors. We would especially like to thank RIM, Google, and Microsoft for their participation, sponsorship, and input to the PWN2OWN rules and contest proceedings.
Watch this space for more exciting information and additional announcements regarding this year's no doubt to be eventful PWN2OWN challenge. Participation in the contest is limited to CanSecWest conference attendees, and additional stipulations are listed on the TippingPoint site.