2008 Pwnie Award Winners
- Best Server-Side Bug: Ryan Smith and Alex Wheeler (Windows IGMP kernel vulnerability discovery)
- Best Client-Side Bug: Nate McFeters, Rob Carter, and Billy Rios (Multiple URL protocol handling flaws)
- Mass 0wnage: For the mass of Wordpress vulnerabilities found this past year (and anyone who found them)
- Most Innovative Research: Cold Boot attacks on disk encryption keys (Princeton researchers)
- Lamest Vendor Response: McAfee, for its reaction to the over 60 Websites classified as "Hacker Safe" by its ScanAlert service that were found to be XSS-vulnerable -- including the ScanAlert Website itself.
- Most Overhyped Bug: Dan Kaminsky's Unspecified DNS cache poisoning vulnerability.
- Best Song: "Packing the K!" Kaspersky Lab
- Most Epic FAIL: Debian, for shipping a backdoored OpenSSL library for two years
- Lifetime Achievement Award: Tim Newsham