This year’s Pwn2Own contest at CanSecWest offered up all kinds of cash to any contestant who could successfully hack one of the browsers or smartphones available at the event. The browsers didn’t fair well, each getting hacked within the first two days of the event while Safari only lasted a whole 10 seconds. The smartphones, however, were unable to be hacked during the three day event, including the iPhone.
It was the first time that Pwn2Own included smartphones and it obviously showed in a couple ways. The prizes were much greater for a smartphone hack, instead of just $5,000 like the browser hacks, successful smartphone hackers would have been awarded $10,000 and the device itself plus a one year phone contract. The other obvious indicator was the fact that hackers seemed disinterested in hacking the smartphones:
“Mobile-phone research is an emerging field,” said Aaron Portnoy, a security researcher at TippingPoint. “Not many people have the prerequisite knowledge to exploit them, nor do they have an exploit prepared.”
I guess if you are not prepared, what’s the point of wasting your time on unsuccsesful hacks? Many hackers prepare their exploits before the contest to save time, including Charlie Miller, the white hat hacker who took down Apple’s Safari.
So, our beloved iPhone survived this year’s hackers, but next year may be a whole different story. Now that smartphones have been introduced to the Pwn2Own contest, white hat hackers are going to be trying their best to take one down. Not only will it score them some hard earned cash, but the recognition alone of being the first to hack a smartphone at the event is worth more than any dollar amount.