While news has been sparse since Day 1 of Pwn2OWn, word is that Chrome was the only major browser to make it through the entire competition unscathed. That means it even got through the vaunted Windows XP Day 3, where many expected that Chrome would be exploited by using some of XP’s inherent holes. Not to mention withstanding the service packs that XP is nine years old.
Major browsers such as IE8, Safari and Firefox were hacked within minutes of the start.
Pwn2Own, by the way, is a contest that awards “researchers” cash prizes for successfully hacking computer platforms – prizes in the range of $10,000 to $15,000 plus the computer that they are hacked on.
OK, so Chrome made it through. But let’s think about this. Chrome has only been out since 2008, and there still aren’t that many users who have adopted it yet. W3schools, a web developer site, cites an 11.6% rate of users who visit their site as running Chrome for February 2010. And that is a site for early adopters of web technology! The real number for the entire web population is probably closer to five percent. That may be one of the reasons that researchers have yet to find vulnerabilities in it: they hack what they know, which are the other browsers out there.
Of course, there is also the idea that the other browsers on the market are simply weaker than Chrome which is also a possibility. There was some stir in the days leading up to the contest that Google quickly patched up a slew of security flaws in what was seen as a pre-emptive move. But when you are actually awarding outside experts with cash when they see a flaw in Chrome, it’s probably easier to patch up things that may be hard to see when they are right in front of you.