Skuto writes: After offering a total prize fund of up to 1M USD for a successful Chrome hack (http://news.slashdot.org/story/12/02/28/1833229/google-offers-1-million-for-chrome-exploits), it seems Google got what it wanted (or not!). No more than 5 minutes into the Pwn2Own cracking contest team Vupen exploited 2 Chrome bugs to demonstrate a total break of Google's browser. They will win at least 60k USD out of Google's prize fund, as well as taking a strong option on winning the overall Pwn2Own prize. It also illustrates that Chrome's much lauded sandboxing (http://arstechnica.com/business/news/2011/12/chrome-sandboxing-makes-it-the-most-secure-browser-vendor-study-claims.ars) is not a silver bullet for browser security.
You can tune a piano, but you can't tuna fish.
You can tune a filesystem, but you can't tuna fish.
-- from the tunefs(8) man page