Google’s Million Dollar Question: Can you hack Chrome?

Share this article

The question is, in a sense, worth Million Dollar. Can you hack chrome?

Google is offering huge prizes at CanSecWest security conference to the participants who can hack its popular web browser Google Chrome. While Internet Explorer and Apple Safari has always been easy targets in hacking conferences earlier, Chrome was the virgin no one tried to screw with.

This time Google is offering prizes worth $1 Million in total for the participants to find vulnerability and exploits in Chrome. According to official Chromium blog,

The aim of our sponsorship is simple: we have a big learning opportunity when we receive full end-to-end exploits. Not only can we fix the bugs, but by studying the vulnerability and exploit techniques we can enhance our mitigations, automated testing, and sandboxing. This enables us to better protect our users.

The prizes are:

$60,000 – “Full Chrome exploit”: Chrome / Win7 local OS user account persistence using only bugs in Chrome itself.
$40,000 – “Partial Chrome exploit”: Chrome / Win7 local OS user account persistence using at least one bug in Chrome itself, plus other bugs. For example, a WebKit bug combined with a Windows sandbox bug.
$20,000 – “Consolation reward, Flash / Windows / other”: Chrome / Win7 local OS user account persistence that does not use bugs in Chrome.

Nice moves Google. I wish you to be hacked big times. :P