Internet Explorer And Firefox Exploited At Security Conference
If there is one thing that you do not want to read as a web browser user or company that created a browser, it is that your browser has been exploited at a security conference while others have not.
The Pwn2Own security conference is a competitive gathering of security experts who try to compromise computer systems using zero-day exploits. The first security researcher to compromise systems during the conference earns cash prices and hardware.
Each successfully exploited browser is worth $10,000 this time for instance.
Two of the most popular web browsers have been compromised on day one of the conference. Both Microsoft's Internet Explorer and Mozilla's Firefox web browser were compromised on that day. This means basically that both browsers are vulnerable to security issues that have not been patched yet.
No security researcher even tried to exploit the Google Chrome web browser which many attributed to its sandboxing mechanism which isolates content and the browser core. Apple's Safari browser was exploited as well and the Opera web browser, was once again, not even included in the contest.
Also of note was a successful hack of the iPhone 3GS that bypassed the digital code signatures used by the operating system to verify Apple code.
Video of Internet Explorer 8 being exploited
Is it safe to say that Google Chrome is the most secure web browser currently? It probably is but that does not mean that there are no exploits for it, or that it offers a completely secure environment as Chrome security vulnerabilities have been discovered in the past as well.
Update:Â It is interesting to note that successful exploits are revealed to companies who created the products. This gives them information to create security patches for the programs.
All companies affected by security issues have created patches for said vulnerabilities. This means that the vulnerabilities used to exploit the browsers cannot be used anymore if the browsers are patched fully.
My definition of security also includes how trustworthy is the vendor and how much data do they collect and what do they do with it. This makes anything Google insecure! However, I might give Iron a try…
Thats why I am using Google Chrome right now.
why leave out Safari in the title.
Because an Apple product with security holes like a sieve is OLD NEWS?