No one is safe. All 4 browser was easily hacked in Pwn2Own 2015.

Toggle sidebar Toggle sidebar
D

D M C

New member
Jul 7, 2014
657
0
0
So. in 2015 Pwn2Own hacking event.
All four browser was easily went down in few minutes.
1)IE
2)Google Chrome
3)Firefox
4)Safari

The final cracked bug count came to:

5 bugs in the Windows operating system
4 bugs in Internet Explorer 11
3 bugs in Mozilla Firefox
3 bugs in Adobe Reader
3 bugs in Adobe Flash
2 bugs in Apple Safari
1 bug in Google Chrome

I guess nothing is safe neither Windows nor Mac..

Source: Pwn2Own 2015: The year every web browser went down | ZDNet
 
D M C said:
Safe browsing habit...... like ?
Click to expand...

Like not going to suspicious websites, not clicking to suspicious ads and pop-ups and not downloading stuff that could be dangerous/you don't know what they do/you found them on a suspicious website...
 
TheLumaniac said:
Like not going to suspicious websites, not clicking to suspicious ads and pop-ups and not downloading stuff that could be dangerous/you don't know what they do/you found them on a suspicious website...
Click to expand...

Opening websites in private or incognito mode is safer than normal or not?
 
D M C said:
Opening websites in private or incognito mode is safer than normal or not?
Click to expand...

Correct me if I am wrong, but using some sort of private mode simply stops the browser from keeping a browsing history. Knowing that you visited a potentially dangerous website does not make actually visiting it any safer.
On the other hand, using an adblocker could actually help a little by blocking ads that could lead to potentially dangerous websites or make you download suspicious files...
 
Last edited:
TheLumaniac said:
Correct me if I am wrong, but using some sort of private mode simply stops the browser from keeping a browsing history. Knowing that you visited a potentially dangerous website does not make actually visiting it any safer.
On the other hand, using an adblocker could actually help a little by blocking ads that could lead to potentially dangerous websites or make you download suspicious files...
Click to expand...

I thought private mode do not save temp files, history and cookies in your PC which may be some sort of safe browsing or something like that.
 
D M C said:
I thought private mode do not save temp files, history and cookies in your PC which may be some sort of safe browsing or something like that.
Click to expand...

Depends on what you consider safe. You can still download stuff while you are in private mode and your internet provider knows that you are using the internet at the moment. Someone who will use your computer right after you will not know what you did because your browser did not keep any temp files cookies, etc. So, for example, your brother who also uses your computer wouldn't know what sites you visited (if you know what I mean), so you are, in a way, safe.
 
TheLumaniac said:
Correct me if I am wrong, but using some sort of private mode simply stops the browser from keeping a browsing history. Knowing that you visited a potentially dangerous website does not make actually visiting it any safer.
On the other hand, using an adblocker could actually help a little by blocking ads that could lead to potentially dangerous websites or make you download suspicious files...
Click to expand...

Yeah. Your employer and your ISP can still see your browsing history, even in a private mode.
Safe browsing habits never hurt, get an internet security program, when visiting banking sites make sure they have the https:// prefix and don't visit suspicious websites.
 
Not sure, what about Vivaldi or Opera? Does PaleMoon count? Could also do Dolphin or alike with BlueStacks. I also don't run as admin, disable javascript, and installed ghostery.
 
D M C said:
So. in 2015 Pwn2Own hacking event.
All four browser was easily went down in few minutes.
1)IE
2)Google Chrome
3)Firefox
4)Safari

The final cracked bug count came to:

5 bugs in the Windows operating system
4 bugs in Internet Explorer 11
3 bugs in Mozilla Firefox
3 bugs in Adobe Reader
3 bugs in Adobe Flash
2 bugs in Apple Safari
1 bug in Google Chrome

I guess nothing is safe neither Windows nor Mac..

Source: Pwn2Own 2015: The year every web browser went down | ZDNet
Click to expand...

Nobody was able to hack with EMET on https://technet.microsoft.com/en-us/security/jj653751

EMET 5.1 is available - Security Research & Defense - Site Home - TechNet Blogs

I recommend the fist thing when you load Windows install EMET


Export Address Table Filtering (EAF+) Security Mitigation
jj653751.right.png
Structured Execution Handling Overwrite Protection (SEHOP) Security Mitigation
jj653751.right.png
Heapspray Allocation Security Mitigation
jj653751.right.png
Mandatory Address Space Layout Randomization (ASLR) Security Mitigation
jj653751.right.png
Load Library Check – Return Oriented Programming (ROP) Security Mitigation
jj653751.right.png
Caller Checks – Return Oriented Programming (ROP) Security Mitigation*
jj653751.right.png
Stack Pivot – Return Oriented Programming (ROP) Security Mitigation
jj653751.right.png

[TD="bgcolor: #4472c4"] EMET Security Mitigations [/TD]
[TD="bgcolor: #4472c4"] Included [/TD]

[TD="bgcolor: #D9E2F3"] Attack Surface Reduction (ASR) Mitigation [/TD]
[TD="bgcolor: #D9E2F3"]
jj653751.right.png
[/TD]

[TD="bgcolor: #D9E2F3"] Data Execution Prevention (DEP) Security Mitigation [/TD]
[TD="bgcolor: #D9E2F3"]
jj653751.right.png
[/TD]

[TD="bgcolor: #D9E2F3"] NullPage Security Mitigation [/TD]
[TD="bgcolor: #D9E2F3"]
jj653751.right.png
[/TD]

[TD="bgcolor: #D9E2F3"] Export Address Table Filtering (EAF) Security Mitigation [/TD]
[TD="bgcolor: #D9E2F3"]
jj653751.right.png
[/TD]

[TD="bgcolor: #D9E2F3"] Bottom Up ASLR Security Mitigation [/TD]
[TD="bgcolor: #D9E2F3"]
jj653751.right.png
[/TD]

[TD="bgcolor: #D9E2F3"] Memory Protection Check – Return Oriented Programming (ROP) Security Mitigation [/TD]
[TD="bgcolor: #D9E2F3"]
jj653751.right.png
[/TD]

[TD="bgcolor: #D9E2F3"] Simulate Execution Flow – Return Oriented Programming (ROP) Security Mitigation* [/TD]
[TD="bgcolor: #D9E2F3"]
jj653751.right.png
[/TD]
 
Pete said:
As always, safe browsing habits are the best defence....
Click to expand...

Yep yep yep.

Funniest thing I've ever seen working tech jobs...a Mac in which Firefox was opening itself and displaying ads. There is no "safe" browser that protects you from all the bad on the internet.
 
FearL0rd said:
Nobody was able to hack with EMET on https://technet.microsoft.com/en-us/security/jj653751

EMET 5.1 is available - Security Research & Defense - Site Home - TechNet Blogs

I recommend the fist thing when you load Windows install EMET


Export Address Table Filtering (EAF+) Security Mitigationhttps://i-technet.sec.s-msft.com/jj653751.right.png
Structured Execution Handling Overwrite Protection (SEHOP) Security Mitigationhttps://i-technet.sec.s-msft.com/jj653751.right.png
Heapspray Allocation Security Mitigationhttps://i-technet.sec.s-msft.com/jj653751.right.png
Mandatory Address Space Layout Randomization (ASLR) Security Mitigationhttps://i-technet.sec.s-msft.com/jj653751.right.png
Load Library Check – Return Oriented Programming (ROP) Security Mitigationhttps://i-technet.sec.s-msft.com/jj653751.right.png
Caller Checks – Return Oriented Programming (ROP) Security Mitigation*https://i-technet.sec.s-msft.com/jj653751.right.png
Stack Pivot – Return Oriented Programming (ROP) Security Mitigation

[TD="bgcolor: #4472c4"] EMET Security Mitigations [/TD]
[TD="bgcolor: #4472c4"] Included [/TD]

[TD="bgcolor: #D9E2F3"] Attack Surface Reduction (ASR) Mitigation [/TD]
[TD="bgcolor: #D9E2F3"] https://i-technet.sec.s-msft.com/jj653751.right.png [/TD]

[TD="bgcolor: #D9E2F3"] Data Execution Prevention (DEP) Security Mitigation [/TD]
[TD="bgcolor: #D9E2F3"] https://i-technet.sec.s-msft.com/jj653751.right.png [/TD]

[TD="bgcolor: #D9E2F3"] NullPage Security Mitigation [/TD]
[TD="bgcolor: #D9E2F3"] https://i-technet.sec.s-msft.com/jj653751.right.png [/TD]

[TD="bgcolor: #D9E2F3"] Export Address Table Filtering (EAF) Security Mitigation [/TD]
[TD="bgcolor: #D9E2F3"] https://i-technet.sec.s-msft.com/jj653751.right.png [/TD]

[TD="bgcolor: #D9E2F3"] Bottom Up ASLR Security Mitigation [/TD]
[TD="bgcolor: #D9E2F3"] https://i-technet.sec.s-msft.com/jj653751.right.png [/TD]

[TD="bgcolor: #D9E2F3"] Memory Protection Check – Return Oriented Programming (ROP) Security Mitigation [/TD]
[TD="bgcolor: #D9E2F3"] https://i-technet.sec.s-msft.com/jj653751.right.png [/TD]

[TD="bgcolor: #D9E2F3"] Simulate Execution Flow – Return Oriented Programming (ROP) Security Mitigation* [/TD]
[TD="bgcolor: #D9E2F3"] https://i-technet.sec.s-msft.com/jj653751.right.png [/TD]
Click to expand...

But this year it was hacked in just 17 seconds.

No Browser is safe : Chrome, Firefox, Internet Explorer, Safari all hacked at Pwn2Own contest
 
You must log in or register to reply here.

Similar threads

D
Pwn2Own 2016 Hacking Contest
Replies
0
Views
3K
Windows Central Archive
D M C
D
thurask
Windows 10 build 17074 discussion (Redstone 4, Fast)
Replies
1
Views
8K
Windows Discussion
y-ish
Y
Tyrion L
Windows 10 Mobile browser alternatives
Replies
45
Views
63K
Windows Discussion
creanyo
creanyo
SrMatiM7
Google limits the search service in Microsoft Edge ?this is a hazard for the grow of Edge?
Replies
1
Views
3K
Windows Discussion
ven07
ven07
thurask
Windows 10 build 17083 discussion (Redstone 4, Fast)
Replies
1
Views
17K
Windows Discussion
Old_Mil
O

Trending Posts

Members online

Total: 1,303 (members: 2, guests: 1,301)

Forum statistics

Threads
341,264
Messages
2,264,331
Members
428,833
Latest member
OrivelleFungusPen

Share this page

COMPANY
RESOURCES
FOLLOW
Top Bottom