Darknet Diaries

82: Master of Pwn

Jan 5, 2021

Dustin Childs, a Senior Communications Manager for the Zero Day Initiative, Brian Gorenc, Senior Director at Trend Micro, and Pedro, a member of the renowned Team Flashback, discuss the thrilling Pwn2Own hacking contest. They delve into the discovery of zero-day vulnerabilities, showcasing how hackers exploit browsers, phones, and even cars. Ethical implications of the exploit broker market are explored, alongside personal stories of triumph and challenges faced in this competitive arena. Expect insights into the evolving relationship between security researchers and software vendors!

01:05:09

Creator website

Episode guests

Pedro

Brian Gorenc

Dustin Childs

AI Summary

AI Chapters

Episode notes

Podcast summary created with Snipd AI

Quick takeaways

The Pwn2Own contest serves as a crucial platform for security researchers to demonstrate and exploit zero-day vulnerabilities, guiding researchers in specific areas of exploitation and ultimately improving software security.

Bug bounty programs incentivize researchers to responsibly disclose vulnerabilities, but fair compensation remains a challenge, while the dark web presents a market for buying and selling zero-day exploits.

Team Fluroacetate's dominating performance in the Pwn2Own contest highlights the skill and expertise required to find and exploit vulnerabilities, providing valuable insights for improving software security.

Deep dives

The Prestigious Pwn2Own Contest

The podcast discusses the Pwn2Own contest, an annual event where security researchers demonstrate and exploit zero-day vulnerabilities in popular software such as web browsers and operating systems. It highlights the significance of this contest in guiding researchers in specific areas of exploitation, encouraging bug reporting, and ultimately improving software security.

Intro

5min

Unveiling Zero Day Vulnerabilities

18min

Ethics and Anonymity in the Exploit Broker Market

3min

Hacking the Browser: Loki Heart's Journey

4min

The Evolution of Pwn2Own: From Browsers to Industrial Control Systems

2min

The Competitive Edge of Pwn2Own

16min

Hacking the Tesla: A Pwn2Own Challenge

15min

The Competitive Landscape of Pwn2Own and Zero-Day Exploits

6min

The Zero Day Initiative runs a hacker contest called Pwn2Own. The contest calls the best hackers in the world to demonstrate they can hack into software that should be secure. Like browsers, phones, and even cars. A lot of vulnerabilities are discovered from this event which means vendors must fix them. Whoever can demonstrate the most vulnerabilities will be crowned the “Master of Pwn”.

Thanks to Dustin Childs and Brian Gorenc from ZDI to hear all about Pwn2Own.

Thanks to Radek and Pedro for sharing their experiences of becoming the Masters of Pwn.

Remember Everything You Learn from Podcasts

Save insights instantly, chat with episodes, and build lasting knowledge - all powered by AI.

Darknet Diaries

82: Master of Pwn

Episode guests

Podcast summary created with Snipd AI

Quick takeaways

Deep dives

The Prestigious Pwn2Own Contest

Bug Bounties and Zero-Day Exploits

The Exploits and Victories of Team Fluroacetate

Talented hacker wins big at Pwn2Own contest

Team Flashback dominates Pwn2Own with impressive exploits

Remember Everything You Learn from Podcasts