HardOCP News
[H] News
- Joined
- Dec 31, 1969
- Messages
- 0
![[H]ard|Forum](/styles/hardforum/xenforo/logo_dark.png){kind=logo}
Teen Wins Google Chrome Hack Contest
- Thread starter HardOCP News
- Start date
Yes, because there are absolutely no zero-day exploits lurking in any other browser.
wiseoracle
2[H]4U
- Joined
- Aug 22, 2002
- Messages
- 2,305
Youn
Supreme [H]ardness
- Joined
- Jan 22, 2007
- Messages
- 5,973
Cool for him, and Chrome users. If they hadn't offered the money it might've been a bug for who-knows-how-long, right?
After getting a cool million, I'm going to pay off my car and house and do nothing for a couple years. :-P
Google can keep trying to hire me if they want, but I'll be too busy doing nothing.
Well yeah there is exploits in other browsers it's stupid comment actually. I just dislike chrome for the way it's setup.
The best sandbox you can have is probably a VM. I'd like to see a VM exploit exploit the host.
Thug Esquire
[H]ard|Gawd
- Joined
- May 4, 2005
- Messages
- 1,494
Lmao, well-trolled.
So, you dislike it for reasons not related to the reason that you stated was the reason why you do not use it. Completely irrelevant reasons, actually. Bravo.
Actually, there are some exploits for that too.
And I don't see what kind of security it would bring. More isolation? Yes, but you will want to save or upload files with your browser, so you need some kind of access. And the juicy stuff (stealing passwords, cookies, or simply running a botnet) will still be possible in that VM.
At least the Chrome sandbox tries to isolate processes and limit their interaction without bothering the user. Of course, it doesn't really work, and I hope the Chrome developers will some day grow up and understand a sandbox isn't everything.
Chrome is still a joke, anyway: https://code.google.com/p/chromium/issues/detail?id=41467
BombermanX
Gawd
- Joined
- Apr 17, 2004
- Messages
- 617
I bet they don't respond to his app. It takes more than a single skill to be successful. A young teenager in that work environment could be toxic and he probably doesn't have the soft skills required.
MavericK
Zero Cool
- Joined
- Sep 2, 2004
- Messages
- 31,897
I wasn't even trying to troll
Well, you were.
Every other browser was hacked in seconds at those hacking events.
PaperclipGod
Limp Gawd
- Joined
- Dec 31, 2011
- Messages
- 368
Huh? He didn't want to be identified because his employer hadn't authorized the activity...??
Was he hacking Chrome while on his lunch breaks? Is he someones slave? This excuse makes no sense.
Was he hacking Chrome while on his lunch breaks? Is he someones slave? This excuse makes no sense.
After taxes a million doesn't go as far as it used to. A million dollars puts you into the tax rates of the evil rich, so depending on what state you live in, your overall tax rate (fed/state/local) could be around 50% or more.
Kalabalana
[H]ard|Gawd
- Joined
- Aug 18, 2005
- Messages
- 1,313
He's in the running for 60K, the million dollars is that total prize purse.
As far as browser security goes, from what I've seen Chrome is one of the strong contenders, I'll stick with it.
As far as browser security goes, from what I've seen Chrome is one of the strong contenders, I'll stick with it.
WozniakMac
[H]ard|Gawd
- Joined
- Sep 3, 2005
- Messages
- 1,509
He probably just doesn't want the attention he might get from the government if he's a well known hacker.
Skripka
[H]F Junkie
- Joined
- Feb 5, 2012
- Messages
- 10,791
Some employers lay claim to all IP you produce during your contract for employment. Such as some video game studios. So yea, it does make sense.
Why I don't use software.....
Why I don't use computers, or the internet, or go outside. Too many vulnerabilities
Still, $500,000 is about 6.5 years of income to me :-P
Skripka
[H]F Junkie
- Joined
- Feb 5, 2012
- Messages
- 10,791
$500k is a decent start for retirement funding.
But not enough to retire on when you are still young. Of course if he only gets $60K, that might be enough to pay for half his college.
I laugh when I hear a lottery winner telling everyone they are going to buy a house, a new car, thier mother a new house, etc, when they won less than $1,000,000. Even if they have enough after taxes to buy all this, they will have spent everything, and still have to come up with living expense, property tax, etc every year.
Quote: "Roughly one-third of lottery winners find themselves in serious financial trouble or bankrupt within five years of turning in their lucky numbers, according to Chelmsford wealth counselor Szifra Birke."
MavericK
Zero Cool
- Joined
- Sep 2, 2004
- Messages
- 31,897
I'm 39 and long done with college - paid off too. My income is in the 80k bracket, hence the 6.5 years approximation.
I'm not talking retirement. I'm talking a nice long vacation. I'm tired.
Hmm 500k. Pay off house, plus do the upgrades we've always wanted. New cars for the Mrs and myself. Some kind of luxury vacation for 2 weeks... like rent a Carribean island for 2 weeks. Then back to work and the remaining 300k goes in the retirement fund. Oh I suppose I'd have to throw 50k to help Mom with her debt and a new car. OK, 250 into the retirement fund.
Ok time for me to put the crack pipe away...
The thing about the lottery winners screwing themselves over financially likely had no financial sense to start with. You don't talk about job quitting money unless it's over 3 million after taxes. And even then you're investing almost all of that to try to live off the interest. Damn crack pipe, go away....
Ok time for me to put the crack pipe away...
The thing about the lottery winners screwing themselves over financially likely had no financial sense to start with. You don't talk about job quitting money unless it's over 3 million after taxes. And even then you're investing almost all of that to try to live off the interest. Damn crack pipe, go away....
A VM wouldn't necessarily offer more isolation. Sandboxed processes are pretty much locked down full stop. The escapes here are by bouncing off of things like the download manager and stuff - a VM wouldn't save you from that just like a sandbox doesn't because the problem is in the communication channel you added, not the sandbox itself.
But it does work, quite well in fact. But the biggest reason to use it is because WebKit isn't thread safe. If you don't want one tab to block all your other tabs you have to use processes, there isn't any other way with WebKit. That's why WebKit themselves have started adding a multi-process architecture called WebKit2 (terrible name - it doesn't replace webkit, it's a layer on top of webkit). The newest version of Safari uses it. Although in typical Apple fashion they couldn't re-use Chrome's model and instead had to make their own - which took forever and slowed down development of WebKit.
Yup. For all the stupid rules California has, this is something they got right. Some states (like CA) say that practice is not allowed. If you create something on your own time using no company property, the company can't make any claim whatsoever on owning it. The fact that that is allowed in other states is just ridiculous. Surprisingly it looks like only 7 states have such laws ( http://answers.onstartups.com/quest...lectual-property-rights-to-the-st/20126#20126 )
Of course, the real solution is to just get rid of this ridiculously stupid notion of "IP" in the first place. If you recognize that software patents are actually *idea* patents, and ideas can't be patentable or owned, then you solve this whole mess.
$500K...Hmmm, pay off house, buy new cars, pay kids college fund and then its back to work on Monday. Doesn't go far in today's world.
caddys83
2[H]4U
- Joined
- Feb 14, 2009
- Messages
- 3,552
I wonder if he's with in the ranks of [H] forums? So which one of you guy is the hacker
precariousgray
Limp Gawd
- Joined
- May 4, 2005
- Messages
- 175
Actually, the impetus behind trolling is carefully-crafted, believable deception of your audience which draws them further and deeper into a given altercation. Given the inherently shallow nature of this assertion -- suggesting that a product created of a group of human beings is necessarily infallible -- it is clearly not "trolling" (itself an inherently meaningless, memetic neologism), but rather, the inadequate aspersions cast off by a puerile, undeveloped mind.
Your predisposition towards others in that you seemingly readily laud them with praise upon having manufactured a statement which you feel adheres to the criteria of a particular social phenomenon is quite telling: you employ no conscious thought processes. You are merely a product of your environment, the collected responses to a variety of external stimuli.
You are a component. Back to the machine, cog.
notetcetera
Weaksauce
- Joined
- Jun 16, 2011
- Messages
- 124
http://files.sharenator.com/buzz_killington_191x300_re_so_troll-s191x300-152037-580.jpg
Yup, this seems about right.
Outamyhead
Supreme [H]ardness
- Joined
- Jan 3, 2008
- Messages
- 4,263
NickJames
Supreme [H]ardness
- Joined
- Apr 28, 2009
- Messages
- 6,698
I could make 500K work well for 3-4 years of no employment. Foreclosed home for 120K, 1 new car for 30K, college fund? 25K each at most, I never even had money for college, my kids better get aid/scholarships and then work off any left over loans.
Sometimes I wish I stayed in the hacking business when I was younger but I mysteriously ended up in graphics design and networking. Bah!
Well, he did say things like paying off a house. You could make payments over 5-6 years, sure, but if you suddenly find yourself with a huge chunk of money it's in your best interest to pay it off asap to avoid interest. And college is expensive.
Well, you're talking about $500k when the guy is only getting $60k before taxes.
Well my house is about $150,000 (owe about $100k left) and I owe about $11,500 on my car, so that leaves me with $388,500. So that's 4.9 years of normal income after everything's paid up.
So I think 3 years is a healthy estimate of being able to take a vacation before finding work again. Granted, when you're home more, your utility bills will be higher :-P