Attendees at the CanSecWest 2010 conference will be offered prizes of $15,000 plus extras if they can successfully root one of a range of smartphones.
The famous Pwn2Own contest - which has long been a staple of the CanSecWest computer security conference - is set to up its game by offering prizes for hackers able to successfully exploit smartphones for the first time.
As reported over on The Register
, the contest - sponsored by security outfit TippingPoint - is offering $15,000 plus the hacked device to keep for remote code execution attacks against popular smartphones which require "little to no user interaction.
The contest - which is putting aside $60,000 in prize money for the smartphone section - is looking for hackers capable of breaking into Apple's iPhone 3GS, RIM's BlackBerry Bold 9700, the Nokia E62 running Symbian, and the Motorola Droid running Google's Android.
In a blog post
describing the rules for this year's Pwn2Own contest, TippingPoint's Aaron Portnoy claimed that "the increased presence and capabilities of smart phones has brought with it the same security issues and attention traditionally reserved for non hand-held platforms,
" - an opinion borne out by the increase in attacks on smartphones
over the last year.
Interestingly, the allocation of $60,000 of the total $100,000 prize fund to smartphone exploits means that successful hackers will earn more for rooting an iPhone 3GS than for the more traditional browser exploit contest - earning $15,000 for the smartphone exploit but just $10,000 for the laptop exploit.
As usual, Pwn2Own will be a three day affair starting on the 24th of March in Vancouver, British Columbia - and is open only to those registered to attend the CanSecWest conference, which will set prospective hackers back nearly $2,000 plus travel and accommodation costs.
Do you think that TippingPoint is right to turn a spotlight onto the thorny issue of smartphone security, or will browser bugs in desktop machines always be the more important concern? Should the company open its contests up to more than just paying guests at its conferences? Share your thoughts over in the forums