Next week is the 12th annual CanSecWest conference in Vancouver, BC, focused on digital security. Among the presentations being made is a contest called “Pwn2Own” which targets web browsers and mobile devices.
Each contestant has a 30-minute time slot to complete their hacking attempt. A specially-designed RF enclosure will be on-site to allow the use of radio frequency (RF) based hacks that potentially could affect other devices in use at the conference. A video feed will be recorded of the device inside the enclosure and published after the completion of the contest.
A successful attack must require little to no user interaction and must compromise useful data from the phone. Any hack that can incur cost to the devices owner such as dialing long-distance numbers, eavesdropping, etc. is also valid.
The successful attacker will win a cash prize of $15,000, the device that was compromised, and 20,000 “ZDI reward points” which can be redeemed for several prizes. Among the possible ZDI rewards are a $5,000 cash payment and paid travel and registration to attend the DEFCON hacking conference in Las Vegas.