
One of China’s most prolific ethical hacking competitions has revealed some alarming shortcomings in the most commonly used browsers today. Over the two days in which the competition happened, hackers successfully managed to break into Safari, Edge, and Chrome. Of the three browsers that ethical hackers breached, Microsoft’s Edge was the worst performer. During the first day alone, three successful exploits came to light and were abused.
Other Elements Also Vulnerable
Edge wasn’t the only browser that fell prey to the dedicated exploits of the white-hat hackers. Chrome, which is based on the same foundation technology as Edge, called Chromium, found itself the victim of two exploits. Safari, Apple’s browser, was the victim of a single hack. Browsers were also not the only software tackled in the competition. Users posted hacks for Office 365 and Adobe PDF reader. Even hardware was under scrutiny, with a D-Link DIR-878 becoming the victim of competition attendees.
Why Have Hacking Competitions?
While these competitions are embarrassing for companies that are the subjects, they expose security vulnerabilities that software and hardware manufacturers can patch before they become public. If anything, it provides a balance to manufacturers, knowing that their products are under scrutiny from some of the best hackers in the world. The hackers, on the other hand, gain some level of infamy for breaking these software and hardware elements, and if they manage to win, they can earn quite a hefty sum as well. The Tianfu Cup awarded winners 360Vulcan over $380,000 for their efforts.
No Manufacturers Present
Sadly, despite what manufacturers could learn from this competition, the owners of the software and the hardware that came under fire were notoriously absent. The number of successful hacks at this year’s Tianfu Cup should be a warning to manufacturers in producing substandard equipment. If they don’t learn from their mistakes, then they may face even more severe consequences when those exploits come to the notice of malicious hackers.