[citation][nom]santiagoanders[/nom]From the dvlabs link above: "If Pwn2Own required the sandbox escape be disclosed, we believe there would be no competitors targeting Chrome," emphasis mine.They say sandbox exploits are too valuable to a hacker to be rewarded with such little compensation in this competition. And they say this means that nobody would even try to target chrome for an execution exploit? Not sure I follow that logic.[/citation]
I think by competitors, Google means that their actual competitors, not hackers. If not, well it makes sense, at least some sense. Google says that if they have the data for the sandbox escapes, then hackers are less likely to use the same attack against them. The hackers would need to find a different vulnerability than they found in Chrome at the competition in order to attack.unless they attacked Chrome before Google fixes the vulnerability.
Besides, I still think that Google was referring to Mozilla, Microsoft, etc. yelling at Google about Chrome having problems with sandbox escape attacks, or something along those lines.