Three-peater winner Charlie Miller of the Pwn2Own competition told Apple, Microsoft and Adobe to find their bugs in their software. Not unlike Sheldon from Big Bang Theory, our man took mere seconds to detect and exploit flaws in all targets before the other contestants applied finger to keyboard. Tradition states, the winner demonstrates the exploit to the companies’ engineers, but Mr Miller has taken great offense to the idea.
“We find a bug, they patch it,” said Miller. “We find another bug, they patch it. That doesn’t improve the security of the product. True, [the software] gets incrementally better, but they actually need to make big improvements. But I can’t make them do that.”
Miller’s technique is not unique and is in fact used by all three companies to test software for flaws before it’s released, which begs this question : does Microsoft, Adobe and Apple’s software development teams knowingly release “buggy” software, hoping no one will find, detect or exploit the flaws? What is going on around here, anyway?