Updated Rules of Enagagment from Tipping Point's ZDI Crew
http://dvlabs.tippingpoint.com/blog/2008/03/19/cansecwest-pwn-to-own-2008
---------------------
In addition, I was told by one of my ZDI pal that Quicktime is now in scape for Day 2 attacks.
Day 2: March 27th: Default client-side apps
The attack surfaces increases to also include any default installed client-side applications which can be exploited by following a link through email, vendor supplied IM client or visiting a malicious website. First one to pwn it receives the laptop and a $10,000 cash prize. The pwned machine(s) will be taken out of the contest at that time.
I noticed last week that this product was absence from the list and was highlighted in at least one media write-up, which got me wondering as well.
Let the games begin...
No comments:
Post a Comment