I'll include Richard Barnes' response to cabfpublic here too, for completeness:
---------- Forwarded message ---------- From: "Richard Barnes via Public" <pub...@cabforum.org> Date: Mar 6, 2017 8:58 AM Subject: Re: [cabfpub] 360 team hacks Chrome To: "CA/Browser Forum Public Discussion List" <pub...@cabforum.org> Cc: "Richard Barnes" <rbar...@mozilla.com> Richard: Is there any particular reason you're posting year-old security news here? To add some context for those who might not be familiar with pwn2own, "Hacked in 11 minutes" is not a surprising result. Most browsers that are included in pwn2own get hacked (most targets in general). The bounty is rich enough that vulnerability researchers put significant effort into preparation. It's an important way that browser vendors find out about security exploits. Pwn2own 2017 is in a couple of weeks: http://zerodayinitiative.com/Pwn2Own2017Rules.html On Mar 6, 2017 9:19 AM, "Richard Wang via dev-security-policy" < dev-security-policy@lists.mozilla.org> wrote: Sorry, I posted an old news that I just saw it. Please ignore it. Best Regards, Richard > On 6 Mar 2017, at 21:45, Richard Wang via dev-security-policy < dev-security-policy@lists.mozilla.org> wrote: > > Pwn2Own 2016: Chinese Researcher Hacks Google Chrome within 11 minutes > http://www.prnewswire.com/news-releases/pwn2own-2016- chinese-researcher-hacks-google-chrome-within-11-minutes-300237705.html > > > Best Regards, > > Richard > _______________________________________________ > dev-security-policy mailing list > dev-security-policy@lists.mozilla.org > https://lists.mozilla.org/listinfo/dev-security-policy _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy
