

All Chrome OS hack attempts fail at Pwnium 3 - memoryfailure
http://www.geek.com/articles/geek-pick/all-chrome-os-hack-attempts-fail-at-pwnium-3-2013038/

======
benologist
Submitter is a spam account by Ziff Davis (geek.com / extremetech.com /
pcmag.com / etc), one of a few they use to spam HN.

~~~
natrius
I've never understood why people care about this. Lots of people submit their
own stuff. All I care about is the quality of the articles and discussion,
which is orthogonal to the identity of the submitter.

~~~
benologist
Why would you not care if people are here to exploit you and the rest of this
community?

Almost nobody unaffiliated submits their crap in spite of a year+ of spamming
with about 8 different accounts so obviously their work is not even very
relevant.

Systematic spam by these guys and a handful of other sites drowns out content
real users find legitimately interesting.

------
gtr32x
This website is horrendous. While opening the page, a overlay banner flashes
across the content area at snail speed but high enough that I cannot
accurately click the close button while it's moving (well i can try but I'm
risking clicking on the actual ad itself). It took a total of 10 seconds for
it to completely cross the page before I was able to start reading the
content.

I think this kind of ad serves absolutely no purpose. Even if I wanted to read
it before I wouldn't now, and it totally killed the website's credibility for
me.

------
codex
I'm not sure hackers brought their "A" game to this event. In contrast to
earlier events, winners must disclose their methods to participate in return
for only $150,000 per exploit. A black hat hacker could make much more from
their methods, and a white hat hacker could as well--in consulting fees.

~~~
magicalist
You're thinking of Pwn2Own. Pwnium has always required disclosure, while
Pwn2Own only required full disclosure for the first time this year.

And $150,000 is actually getting quite close to what you could make for an
exploit of a browser on the black market, especially with all those Java and
Flash plugins still running all over the world, depressing exploit prices as
long as they're available.

------
qwertzlcoatl
The fact that the total prize money is Pi million dollars is adorable.

~~~
pardner
That's irrational, sorry.

~~~
10dpd
At least its not imaginary...

~~~
mheathr
Technically Pi is a complex number that has the real number coefficient a = Pi
and b = 0 resulting in a complex number of pi + 0j. This is because the set of
real numbers is a subset of the set of complex numbers and Pi is an element of
the set of real numbers.

~~~
Ao7bei3s
It's still not (0) imaginary.

------
zobzu
also, minix didnt get pwned.

~~~
zellyn
This comment made me unreasonably happy.

------
drivebyacct2
Plain Chrome in Linux faired similarly didn't it?

~~~
ukdm
"Chrome was compromised using similar methods to the IE10 and Firefox attacks.
MWR Labs bypassed Chrome’s sandbox and used a Windows kernel vulnerability in
Windows 7 to elevate privileges as well as execute commands outside of the
sandbox. In addition to executing code, MWR researchers were able to read
memory and find the base addresses of certain .DLL files."

[http://www.geek.com/articles/geek-pick/internet-
explorer-10-...](http://www.geek.com/articles/geek-pick/internet-
explorer-10-chrome-and-firefox-hacked-at-pwn2own-2013037/)

~~~
hollerith
Since that page does not mention Linux, I cannot imagine what relevance it has
to grandparent.

~~~
ukdm
Yeah, my mistake, I meant it to be in response to mtgx

