It is true the Google Brower is the most secure not because it is the safest but more because no one wants to break into it. Only one major browser remained standing at the end of the Pwn2Own 2010 contest at this year’s CanSecWest security conference in Vancouver, the rest fell with relative ease. On the operating table were the latest versions of Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, and Apple Safari – but which one lived to tell the tale? Take a guess

For the fourth time, the Zero Day Initiative sent out invites to security specialists around the globe to head to Vancouver towards the end of March and go head to head with the market-leading web browsers that dare to call themselves secure. The object of the contest was simple enough, exploit security holes and break in. The winners walk away with the hardware on which the exploit was successful, hence the competition title, and a share of US$100,000 prize money. For the losers, the walk of shame.

The virtual crown, A MacBook Pro and US$10,000 went to Charlie Miller of Independent Security Evaluators for successfully delivering a full command shell payload to Safari without even having physical access to the machine. Taking home a HP Envy Beats and a further US$10,000 was independent security researcher Peter Vreugdenhil for making short work of the security features of Internet Explorer 8 on Windows 7 64-bit edition. A Sony Vaio and yet another US$10,000 went to a researcher from MWR InfoSecurity for launching a calc.exe payload by exploiting Firefox on Windows 7. That was day one.

[ad#Assense-Wide-C]

So what happened on day two? Yes indeed, all of those successes were enjoyed on day one of the three day contest. No doubt you’ll have noticed the browser in question missing from the roll of (dis)honor, Google’s Chrome. For the second year running, Chrome walked away unscathed, although this is not necessarily due to the browser being unhackable but just that, according to ZDI, “no one decided to take it down“, adding that “there are many researchers sitting on Chrome vulnerabilities”.

Its not simply that I am seriously suggesting a lot of people to actually use Chrome over other operating systems. Google’s Android mobile operating system on HTC’s Nexus One also escaped unharmed in the mobile phone part of the competition. Apple’s iPhone fell in just 20 seconds though with Vincenzo Iozzo and Ralf Philipp Weinmann breaking in and reading text messages stored on the device. Nokia’s Symbian platform also fell to an anonymous contestant.

All vulnerabilities discovered in the contest had been reported to the various vendors to give them the chance to patch things up. But seriously, the love for Google and its products even in the hackers circle seems to be immense. Hats off to the guys at Google from everyone, including the Hackers apparently.

[ source ]