Friday, August 08, 2008

2008 Pwnie Award Winners

Via The 2008 Pwnie Award Page.

  • Best Server-Side Bug: Ryan Smith and Alex Wheeler (Windows IGMP kernel vulnerability discovery)
  • Best Client-Side Bug: Nate McFeters, Rob Carter, and Billy Rios (Multiple URL protocol handling flaws)
  • Mass 0wnage: For the mass of Wordpress vulnerabilities found this past year (and anyone who found them)
  • Most Innovative Research: Cold Boot attacks on disk encryption keys (Princeton researchers)
  • Lamest Vendor Response: McAfee, for its reaction to the over 60 Websites classified as "Hacker Safe" by its ScanAlert service that were found to be XSS-vulnerable -- including the ScanAlert Website itself.
  • Most Overhyped Bug: Dan Kaminsky's Unspecified DNS cache poisoning vulnerability.
  • Best Song: "Packing the K!" Kaspersky Lab
  • Most Epic FAIL: Debian, for shipping a backdoored OpenSSL library for two years
  • Lifetime Achievement Award: Tim Newsham

More here.


Post a Comment

<< Home