Google Offers $20,000 Prize for Exposing Chrome OS Vulnerabilities

In December, Google took the wraps off the much talked about Chrome laptop computer. This Chrome OS based test notebook, labeled Cr-48, was introduced as part of a pilot program --Google’s way of testing the product before taking it to mass production. Reports indicate that Chrome OS laptop units from Acer (News - Alert) and Samsung will be launched sometime in the summer this year.

Designed to boot in some 10 seconds and wake-up from sleep instantly, the Cr-48 offers built-in WiFi (News - Alert), 3G, a webcam, and 12.1-inch display with a full-size keyboard and oversized touchpad. And it weighs only 3.8 pounds with over eight hours of active usage and a week of stand-by time.

Now the search engine giant is bringing the Chrome browser with its own hardware to the Pwn2Own 2011 contest to see if any hacker can successfully exploit the Cr-48 Chrome OS via vulnerabilities. According to a report in ZDnet.com, Google (News - Alert) is offering $20,000 for a successful Chrome sandbox exploit.

As per a post on ZDnet.com, the prize is part of this year’s CanSecWest Pwn2Own contest, which will see some of the world’s best security researchers and exploit writers using hacking skills against well known web browsers and mobile devices. Last year, Google Chrome was the only browser that could not be cracked, while others fell quickly. But, with the increased cash prize and the associated publicity for a successful Chrome hack, the chances for a successful Chrome exploit are high, writes ZDnet.

Acording to TippingPoint ZDI, the contest sponsor, a successful Chrome hack “must include a sandbox escape,” which means that a privilege escalation vulnerability may have to be combined with another security hole to cause full system compromise.

This year, the contest targets, with the latest release candidates, are Microsoft (News - Alert) Internet Explorer, Apple Safari, Mozilla Firefox, and Google Chrome.

Want to learn more about the latest in communications & technology? Then be sure to attend ITEXPO East 2011, taking place Feb 2-4, 2011, in Miami. ITEXPO (News - Alert) offers an educational program to help corporate decision makers select the right IP-based voice, video, fax and unified communications solutions to improve their operations. It's also where service providers learn how to profitably roll out the services their subscribers are clamoring for – and where resellers can learn about new growth opportunities. To register, click here.