All five smartphones survive PWN2OWN hacker contest

None of the five smartphones slated for attack at last week's PWN2OWN hacking contest were compromised, a sign that security researchers have yet to adapt to the limitations of mobile, said the company that put up the prize money.

"With the mobile devices so limited on memory and processing power, a lot of [researchers'] main exploit techniques are not able to work," said Terri Forslof, manager of security response at 3Com Inc.'s TippingPoint.

Although three of the four browsers up for grabs at PWN2OWN quickly fell to a pair of researchers -- netting one of them $5,000, the other $15,000 -- none of the smartphones was successfully exploited. TippingPoint had offered $10,000 for each exploit of any of the phones, which included Apple Inc.'s iPhone and the Research in Motion Ltd. (RIM) BlackBerry, as well as phones running the Windows Mobile, Symbian and Android operating systems.

"Take, for example, [Charlie] Miller's Safari exploit," said Forslof, referring to Miller's 10-second hack of a MacBook via an unpatched Safari vulnerability that he'd known about for more than a year. "People wondered why wouldn't it work on the iPhone, why didn't he go for the $10,000?" she said. "The vulnerability is absolutely there, but it's a lot tougher to exploit on the iPhone."

Sign up for ITworld's Daily newsletter
Follow ITworld on Twitter @IT_world

• Email
• Print
• Share
  • Slashdot
  • Digg
  • Stumble
  • Reddit
  • Newsvine