iPhone, BlackBerry tumble to Pwn2Own hackers
Charlie Miller, a staple at the hacking contest, becomes 'Mr. Four-peat'
Computerworld - Apple's iPhone 4 and RIM's BlackBerry Torch 9800 both succumbed to hackers today at Pwn2Own, but two other smartphones running Android and Windows Phone 7 were unchallenged, the contest's sponsor said.
Charlie Miller became the first "four-peat" at Pwn2Own when he teamed with Dion Blazakis to take down the iPhone. Both Miller and Blazakis work for the Baltimore-based consulting firm Independent Security Evaluators (ISE).
Miller has walked off with winnings from Pwn2Own four years running -- 2008 through 2011 -- twice as many times as anyone else.
"Every other year I've had an exploit ready to go for months," said Miller in an interview after the win. "But this was a different experience, working under the time pressure because we were working on [the iPhone] exploit the night before."
Miller credited his partner for much of the work. "Dion's a really good researcher in his own right," said Miller.
Miller and Blazakis worked on their iPhone exploit for months, Miller said. "This one was pretty hard. Different bugs take different exploits, and this one was hard to exploit."
Pwn2Own winners are forbidden from discussing technical details of the vulnerabilities they exploit, or to release the attack code they've used. Instead, they turn over their findings and code to HP TippingPoint, the contest sponsor. TippingPoint in turn reports the vulnerabilities to vendors, who have six months to patch the bugs before TippingPoint publicly releases any information.
On the BlackBerry, a multi-national team composed of Vincenzo Iozzo, Ralf-Philipp Weinmann and a third researcher from the Netherlands, matched Miller and Blazakis by hacking the Torch. Iozzo and Weinmann were old hands at Pwn2Own, having partnered in 2010 to successfully break into an iPhone 3GS at that year's contest.
Iozzo is an engineer at Zynamics GmbH, the German reverse engineering tool maker headed by noted researcher Thomas Dullien, better known as Halvar Flake. Zynamics was acquired by Google earlier this month for an undisclosed sum.
Weinmann, meanwhile, is a post-doctoral researcher at the Laboratory of Algorithms, Cryptology and Security at the University of Luxembourg.
Both teams were busy tweaking their exploits before today's round, said Peter Vreugdenhil, a former Pwn2Own winner who now works for TippingPoint, and served as a contest judge this year.
"Both were actually tweaking their exploits at the [CanSecWest] conference," said Vreugdenhil, referring to the Vancouver, British Columbia security conference where Pwn2Own takes place.
The iPhone and BlackBerry Torch hacks, however, were over in seconds. "They hooked up their computers to the phones, and that was it," said Vreugdenhil.
The teams each will receive a check for $15,000 from TippingPoint, as well as the smartphones they exploited, in a ceremony Friday at CanSecWest.
Pwn2Own 2011
- iPhone, BlackBerry tumble to Pwn2Own hackers
- Researcher chains three exploits to take down IE8 at Pwn2Own
- Safari, IE hacked first at Pwn2Own
- Researcher blows $15K by reporting bug to Google
- Microsoft won't patch IE before Pwn2Own
- Apple to patch Safari before Pwn2Own, say researchers
- Mozilla follows Google, patches Firefox as prep for Pwn2Own
- Three-time Pwn2Own winner knocks hacking contest rules
- Familiar faces, new names step up at Pwn2Own hacking contest
- Update: Firefox update will patch CSRF bug, Mozilla says


- Excel 2010 Cheat Sheet
- Register for this Computerworld Insider Cheat Sheet and gain access to hundreds of premium content articles, guides, product reviews and more.
- Practice Management: Double Billing Rate and Improve Patient Services
- Would you like to double your billing rate and achieve faster payment for services?
Download this customer success story to see how One Health... - Mission Critical Data Explosion and Customer Case Study
- Would you like to double your tier 1 storage capacity while simultaneously reducing your storage footprint?
Download this customer success story to see how... - Protecting Against Database Attacks and Insider Threats: Top 5 Scenarios
- Read this new eBook to learn the top five scenarios and essential best practices for preventing database attacks and insider threats.
- Database Activity Monitoring Is Evolving
- Read the analyst report and learn how you can leverage the core capabilities of a DAP solution for better database security.
- Establishing a Strategy for Database Security is No Longer Optional
- The options for securing increasingly valuable databases are very broad and deep, and can be confusing. This research provides an overview of three... All Cybercrime and Hacking White Papers
- Distributed Database Security with Real-time Monitoring
- View this demo and learn how IBM InfoSphere Guardium database activity monitoring can help protect your sensitive data in distributed DBMS environments with...
- InfoSphere Warehouse Packs Demo
- These flash modules make warehousing more tangible and relevant to business users through detailed explanations of the InfoSphere Warehouse Packs.
- Delivery Management -- Extending Lifecycle Management
- Date: Wednesday, June 20, 2012, 1:00 PM EDT
Siloed organizations continue doing the wrong things and doing things wrong, leading to increased costs,... - Leverage automation today to reduce IT complexity
- Date: Tuesday, June 5, 2012, 2:00 PM EDT
Whether your B2B complexity is caused by multiple technologies due to M&A, business or application specific... - Redefine Expectations in the Data Center
- Need to do more with less? Watch this video to learn how HP ProLiant Gen8 servers can help your business deploy servers three... All Cybercrime and Hacking Webcasts
