Last night, the Black Hat security conference in Las Vegas wrapped up for the day with the second annual Pwnie Awards, where a group of judges gave out golden miniature ponies with flowing pink hair to their selections for categories such as “lamest vendor response,” “epic FAIL,” “most overhyped bug,” and “best song.” The Pwnie Awards take their name from the slang verb “pwn,” pronounced to rhyme with “own,” which, according to the Urban Dictionary, means “an act of dominating an opponent.”
For the most part, the awards were given and received with good humor. Someone claiming to be from McAfee made a surprise acceptance of the Pwnie for “lamest vendor response,” awarded for McAfee’s Hacker Safe certification program. The Pwnie Award judges mocked the program for certifying as “hacker safe” more than 60 websites that were later reported to be vulnerable to cross-site scripting attacks, which can be used to gain unauthorized access to sensitive data stored by the website’s database.
According to the Pwnie Awards’ website, McAfee responded to the vulnerabilities by claiming that cross-site scripting attacks can’t be used to hack a server, although they may affect the end user or the client.
Don’t settle for half the story.
Get paywall-free access to technology news for the here and now.