Google’s Chrome internet browser has remained the high water mark for web browser security for four years but that legacy has finally been broken. Chrome, which entered the browser marketplace back in 2008 quickly gained a name for itself for being the fastest web browser as well as functionally hacker proof. Google has taken part in Pwn2Own—a security competition run by HP—for the last four years and matched Chrome against the likes of Safari, Internet Explorer and Firefox. For four years Chrome remained the sole competitor un-hacked by the competitors.
This year however, Google let their pride get the best of them and offered a $60,000 prize for anyone who could crack their code. A Russian college student stepped up to the challenge during the Google hosted Pwnium event. Sergey Glazunov submitted a hack that completely bypassed the security measures built into the Chrome browser. ZDNet reports that a previously undiscovered exploit was used to bypass its “sandbox”—a restriction designed to stop hackers from accessing the rest of a user’s computer even if they do compromise the browser. When asked about the exploit, Justin Schuh, a member of the Chrome security team, revealed that the exploit was specific to Chrome and bypassed the browser security sandbox entirely. ”It didn’t break out of the sandbox