The annual Pwn2Own competition, held at the PacSec conference in Tokyo, is now under way. The challenge, for those willing to undertake it, is to bypass security measures and exploit a device’s sandbox, with significant monetary gains to be made for the most complex, highly rated hacks. We may only be at day one, but thus far, Pwn2Own has been an unqualified success for our hackers, with some of the most popular devices in the mobile industry having already been pwned.
The iPhone 5s, Apple’s flagship smartphone until just a couple of months ago, has already been hijacked, along with Samsung’s lauded Galaxy S5, the LG Google Nexus 5 and Amazon’s Fire Phone. Given how quickly our whitehats seem to be moving through the gears, it’s plausible that by the end of Pwn2Own, almost every major handset will have been breached, which once again demonstrates that while security measures are continually improving, the cunning of individuals is perhaps moving at an even faster rate.
By the look of things, certain developers are outfoxing those tasked with the job of creating these security walls, but one key theme of these exploits so far is that, by and large, they’re using NFC in order to work their magic. Near Field Communication, which is now a feature of almost all high-end devices, was a facilitator of the Galaxy S5’s pwnage: one group used it as a means to trigger a deserialization exploit, while another outfit exploited a logical error in the handset.
NFC was also culpable in the demise of the LG Nexus 5, with developers able to force Bluetooth pairing between handsets using the in-built NFC system. The lesson here, clearly, is that if you’re not using Bluetooth, NFC or any other such function for that matter, then it’s probably wise to turn it off.
Away from NFC, one hack demonstrated how the iPhone 5s could be pwned using a technique that amalgamated two bugs. One of the bugs was able to execute a full sandbox escape through Safari, which is rather worrying, and with the browser of the Fire Phone also commandeered in a three-bug attack, it’s good that these instances have been identified and can subsequently be fixed.
Pwn2Own offers a substantial prize pool of $425,000, and those competing must agree to pass on the details of any exploits and keep them under wraps until fixes can be issued. It’s a commendable organization, one that means developers aren’t tempted by the darker side of the security world and, at the consumer level, that our devices are much better protected against less scrupulous attackers.