The competition is already under way at the Hack in the Box conference
Google is eager to put Chrome through its paces again and is prepping up Pwnium 2, the second edition of the security challenge. The challenge is to hack into Chrome, to get through the Sandbox or at least use one or more vulnerabilities in Chrome to take control of a computer.Those that manage it will get cash prizes, though Google is not disclosing the exact amounts at this point.
Pwnium 2 is taking place during the Hack in the Box 2012 security conference in Kuala Lumpur, Malaysia this week.
"Security is one of Chrome’s core principles, and we work closely with the security community to continually make the web safer for users. In that spirit, we're hosting Pwnium 2 at Hack in the Box 2012 in Kuala Lumpur this week," Google explained.
The contest should be underway by now and those interested had to visit Google's desk at the conference and apply.
As before, the eligible exploits are supposed to be unreported and to affect Chrome. The best ones are those that break the sandbox, but Google is paying for other exploits as well.
Those demonstrating a "top of the line" sandbox exploit or using only Chrome bugs, a "Full Chrome Exploit" as Google labels it, will be able to get $60,000, €46,300 same as in Pwnium 1.
Those using at least one Chrome bug, but also some other bugs in WebKit, Windows and so on, will get $50,000, €38,644. For exploits that use bugs in Flash, Windows or software other than Chrome, winners will get $40,000, €30,915.
The first Pwnium competition can be considered a success, Google only got two entries, but both were complex exploits that took full control of the computer using only Chrome bugs. Both got the top prize. It remains to be seen if that's the case this time, we'll know soon.