As @kernelpool was asking, I’m also curious why so many targets were abandoned.https://twitter.com/TianfuCup/status/1195887668472602624 …
-
-
Replying to @thegrugq @kernelpool
From what I understand the prize pool is shared, so once a few teams pick up the prize for a target it's not worth their time to "sell" them the bug so they just pack it up and keep it for next time. At least that happened with Chrome and Safari, no idea about ubuntu/centos.
4 replies 5 retweets 15 likes -
Replying to @tiraniddo @kernelpool
Ah, that makes sense. Chrome got so savaged they’re just keeping bugs. hahaha (sorry, I’m laughing with you…)
1 reply 1 retweet 6 likes -
Replying to @thegrugq @kernelpool
Well no entry escaped the sandbox, so we're still good :-)
1 reply 0 retweets 5 likes -
-
Replying to @thegrugq @kernelpool
Yeah, it seemed the entries were allowed to just get RCE, even with no sandbox escape. "Someone" mentioned to me that the demo on stage with Chrome popping calc had the sandbox disabled for demonstration purposes...
2 replies 0 retweets 7 likes -
Yeah the demo was with --no-sandbox. No privescs this time round...
1 reply 0 retweets 5 likes
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.
