June 19th, 2008
2008 Pwnie Awards
Don’t forget to go and vote on the Pwnie Awards, which will happen at Black Hat Vegas again this year. I don’t want to campaign for votes, but I wouldn’t be pissed if some of my loyal readers out there voted for me, Billy Rios, Rob Carter, and John Heasman and some of our interesting research that I’ve presented here on the blog.
The awards are good fun, here’s a little background info on them:
Award categories
In 2008 there are going to be nine award categories:
- Pwnie for Best Server-Side Bug
- Pwnie for Best Client-Side Bug
- Pwnie for Mass 0wnage
- Pwnie for Most Innovative Research
- Pwnie for Lamest Vendor Response
- Pwnie for Most Overhyped Bug
- Pwnie for Best Song
- Pwnie for Most Epic FAIL (new for 2008)
- Pwnie for Lifetime Achievement (new for 2008)
Nominations
The Pwnie Awards will accept nominations for bugs disclosed over the last year, from June 1, 2007 to May 31, 2008.
Nomininations will be accepted from June 16 until July 14. The top five nominees in each category will be announced on the website and the judges will gather at an undiscolosed location to vote on the winners. The judges are disqualified from winning any Pwnie awards.
Judges
The Pwnie Award nominations will be judged by a panel of respected security researchers - the closest to a jury of peers a hacker is likely to ever get.
- Dave G
- Mark Dowd
- Dino Dai Zovi
- HD Moore
- Dave Aitel
- Halvar Flake
- Alexander Sotirov
That’s quite a panel of judges!
Sponsors
The Pwnie Awards thank Jeff Moss for providing a venue for the awards ceremony at a place where so much of the security community is gathered.
Please enquire below for other sponsorship opportunities, but keep in mind that sponsoring the awards will not save you from winning Pwnie for Lamest Vendor Response or Most Epic FAIL if you deserve them.
Nathan McFeters is a Senior Security Advisor for Ernst & Young's Advanced Security Center in Chicago. The views and opinions expressed in this article are his own and do not represent the views and opinions of Ernst & Young Advanced Security Center or Ernst & Young, LLP. Nathan has performed web application, deep source code, Internet, Intranet, wireless, dial-up, and social engineering engagements for numerous clients in the Fortune 500 during his career at Ernst & Young and has spoken at a number of prestigious conferences, including Black Hat, DEFCON, ToorCon, and Hack in the Box. He can be found at his Pwn* blog and XS-Sniper, a blog with Billy Rios. See his full profile and disclosure of his industry affiliations.
