Close
  • Latest News
  • Artificial Intelligence
  • Video
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Logo
Logo
  • Latest News
  • Artificial Intelligence
  • Video
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Cybersecurity
    • Cybersecurity
    • Mobile

    HP to Offer $300,000 in Awards for Mobile Hacks at Pwn2Own 2013

    Written by

    Sean Michael Kerner
    Published September 14, 2013
    Share
    Facebook
    Twitter
    Linkedin

      eWEEK content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More.

      Hewlett-Packard is set to host its second annual Mobile Pw2own competition this November at the PacSec Applied Security Conference in Tokyo. The competition will reward security researchers from a total prize pool of $300,000 for new, previously undisclosed vulnerabilities in mobile technologies.

      The mobile event will be the second Pwn2own event in 2013, following the desktop browser-focused event that was held in March. It’s also the second time HP has hosted a mobile-focused Pwn2own event. At the 2012 mobile Pwn2own event, near-field communication (NFC) technology was a key target, and both Android and iOS were hacked.

      Brian Gorenc, manager of the Zero Day Initiative (ZDI) at Hewlett-Packet Security Research, told eWEEK that his group has introduced several changes to Mobile Pwn2Own this year. In this year’s event, the attack surface has been widened to include Bluetooth, WiFi, and USB-based attacks.

      “HP’s Zero Day Initiative, with support from its sponsors, has also increased the amount of prize money available to $300,000, compared with $240,000 last year,” Gorenc said.

      A key component of every Pwn2own event is browser-based attacks, and the 2013 Mobile Pwn2own event will be no different. Gorenc noted that the usual suspects of mobile browsers, including Chrome and Safari, will be available to contestants at Mobile Pwn2Own 2013.

      “All targets will be installed in the default configurations giving all contestants an even playing field,” Gorenc said.

      In terms of awards, HP will pay $50,000 to the first researcher that is able to successful demonstrate a previously unknown attack against Bluetooth, WiFi, USB or NFC use on a mobile device. An award of $70,000 will be paid to the researcher that can demonstrate an attack against the Short Message Service (SMS), Multimedia Messaging Service (MMS) or Commercial Mobile Alert System (CMAS).

      Mobile browser exploits will yield a $40,000 bounty. Google is also participating in the event, kicking in an additional $10,000, on top of HP’s $40,000, to the researcher who is able to successfully exploit its Chrome browser running on a Google Nexus 4 or Samsung Galaxy S4.

      “There will be one winner per category, with the exception of the Mobile Browser category, which may have additional winners, sponsored by Google, if the contestant is specifically targeting Chrome or Android on the Google Nexus 4 or Samsung Galaxy S 4,” Gorenc said.

      The HP ZDI group buys security vulnerabilities from researchers all year-round. As such, he has some insight into the types of vulnerabilities that are on the market, but it’s difficult to forecast what will emerge at a Pwn2Own event.

      “One of the great things about Pwn2Own is that you never know what type of innovative research and attack techniques will show up,” Gorenc said.

      ZDI is particularly interested in seeing exploits in the messaging services category, he added.

      “These types of attacks are particularly dangerous since you don’t need to be in range of the target or get them to click on a link—all you need is a phone number,” Gorenc said.

      Sean Michael Kerner is a senior editor at eWEEK and InternetNews.com. Follow him on Twitter @TechJournalist.

      Sean Michael Kerner
      Sean Michael Kerner
      Sean Michael Kerner is an Internet consultant, strategist, and writer for several leading IT business web sites.

      Get the Free Newsletter!

      Subscribe to Daily Tech Insider for top news, trends & analysis

      Get the Free Newsletter!

      Subscribe to Daily Tech Insider for top news, trends & analysis

      MOST POPULAR ARTICLES

      Artificial Intelligence

      9 Best AI 3D Generators You Need...

      Sam Rinko - June 25, 2024 0
      AI 3D Generators are powerful tools for many different industries. Discover the best AI 3D Generators, and learn which is best for your specific use case.
      Read more
      Cloud

      RingCentral Expands Its Collaboration Platform

      Zeus Kerravala - November 22, 2023 0
      RingCentral adds AI-enabled contact center and hybrid event products to its suite of collaboration services.
      Read more
      Artificial Intelligence

      8 Best AI Data Analytics Software &...

      Aminu Abdullahi - January 18, 2024 0
      Learn the top AI data analytics software to use. Compare AI data analytics solutions & features to make the best choice for your business.
      Read more
      Latest News

      Zeus Kerravala on Networking: Multicloud, 5G, and...

      James Maguire - December 16, 2022 0
      I spoke with Zeus Kerravala, industry analyst at ZK Research, about the rapid changes in enterprise networking, as tech advances and digital transformation prompt...
      Read more
      Video

      Datadog President Amit Agarwal on Trends in...

      James Maguire - November 11, 2022 0
      I spoke with Amit Agarwal, President of Datadog, about infrastructure observability, from current trends to key challenges to the future of this rapidly growing...
      Read more
      Logo

      eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site’s focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Advertisers

      Advertise with TechnologyAdvice on eWeek and our other IT-focused platforms.

      Advertise with Us

      Menu

      • About eWeek
      • Subscribe to our Newsletter
      • Latest News

      Our Brands

      • Privacy Policy
      • Terms
      • About
      • Contact
      • Advertise
      • Sitemap
      • California – Do Not Sell My Information

      Property of TechnologyAdvice.
      © 2024 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×