Hacker with most scalps to win Pwn2Own 2012

Hacking is no longer about how fast you do it, but how completely - that's the message coming from changes to a major hacking competition.

One of the most-watched security contests of the year, Pwn2Own targets browsers, offering big prizes to whichever researcher can get through a system first.

This year, the contest has been changed to "more closely reflect the value of the exploits demonstrated," according to contest organisers HP Tipping Point, which said the new version would be a "welcome change both for the competitors as well as the spectators at the event".

Previously, the first researcher to hack a specific browser has won. This year, it's not a race to the finish; there will be only three winners, with their success based on points accumulated over the three day competition.

The contest will award 32 points for a fresh zero-day exploit, but will also announce vulnerabilities at the start of the competition, and award ten points to every working exploit created - showing the importance of patching old flaws, the company said.

"In the past, Pwn2Own has shown the importance of zero-day vulnerabilities and the fact that at any given time you are susceptible to attack regardless of your patch level," Aaron Portnoy, manager of the Security Research Team at HP TippingPoint, told InternetNews.

"What we had been ignoring is the fact that it's really important to actually patch vulnerabilities."

As usual, the contest will target browsers Internet Explorer, Firefox and Chrome on Microsoft's Windows 7 or Safari on Apple's Mac OS Lion. Last year, IE and Safari were both successfully hacked, while Firefox and Chrome were not.

HP is offering US$105,000 in prizes - with US$60,000 plus a laptop to first place - while Google has for the second year running offered an extra US$20,000 per qualifying Chrome bug.

The contest starts on 7 March at CanSecWest in Vancouver, Canada.