|
|
|
|
|
|
by d2mw
2508 days ago
|
|
|
Pwn2Own fell out of the spotlight over time because they managed to piss off sponsors and teams alike, not because any material improvement occurred in software security, involving systems that for the most part continue to be millions of lines of C just like they were in the 90s. Security processes have improved tremendously in recent times, but software security in general has advanced only incrementally at best, such that individuals can still succeed at breaking the majority of software, and are able to do so with such reliability that the practice is done as a sporting event. Per the slides over 150 of those kernel bugs resulted in code execution, and that is already a lowball count of the true number. Upstream Linux, being possibly the most visible and well-resourced OS codebase around, even by 2019 does not have the tools necessary just to automatically find the bugs we already know exist. |
|
|
I don't suppose there's any more information - it sounds like an interesting tale.