Google Chrome the sole survivor in browser hacking contest - Yahoo! News Computer Security Advances don't just come from malicious attacks that are subsequently patched by software programmers. They are also the result of more genial attempts to hack into commonly used apps. Sometimes people even throw hacking competitions to see who can get in first or deepest. One such competition is called Pwn2Own, which this year threw out cash prizes of up to $40,000 for lucky hackers who managed to break their way into the four most popular Web browsers on the market — Firefox, Internet Explorer, Safari, and Chrome — offering $10,000 for each browser busted. After three days of hackers firing away, three of those browsers fell to the attacks. The sole browser left standing: Google's Chrome. Even when running on Windows XP — now considered the least secure OS in Microsoft's arsenal and the easiest way in during an attack — Chrome survived uncompromised. Chrome is known as a lightweight, streamlined browser that is prized for its speed. Now that rep is expanding as it becomes known for its impressive security: At last year's Pwn2Own competition, Chrome survived uncompromised as well. But, as ZDNet's Garett Rogers notes, just because Chrome survived unscathed doesn't mean that the browser is completely secure, although it does appear to have a better security design than the other three browsers used in the competition. Note that a security hole on its own doesn't really mean a whole lot: Most of the risk to the user from a browser exploit comes from holes that go unpatched over time. If you update your browser and operating system regularly — and run security software on your computer — no browser is really all that much more secure than any other. In other Pwn2Own news, hackers attacking cell phones in the mobile devices portion of the competition had the best luck breaking into the iPhone and Nokia devices. The iPhone was in fact the first system or application to fall during the competition, with hackers finding their way into its SMS message database in short order using a malicious website attack.