- Ars Technica reports one team "compromised Microsoft's heavily fortified Edge browser in a way that escapes a VMware Workstation virtual machine it runs in... by exploiting a heap overflow bug in Edge, a type confusion flaw in the Windows kernel and an uninitialized buffer vulnerability in VMware."
- Digital Trends reports "Samuel Grob and Niklas Baumstark used a number of logic bugs to exploit the Safari browser and eventually take root control of the MacOS on a MacBook Pro, [and] impressed onlookers even more by adding a custom message to the Touch Bar which read: "pwned by niklasb and saelo."
- Ubuntu 16.10 Linux was also successfully attacked by exploiting a flaw in the Linux 4.8 kernel, "triggered by a researcher who only had basic user access but was able to elevate privileges with the vulnerability to become the root administrative account user..." reports eWeek. "Chaitin Security Research Lab didn't stop after successfully exploiting Ubuntu. It was also able to successfully demonstrate a chain of six bugs in Apple Safari, gaining root access on macOS."
- Another attacker "leveraged two separate use-after-free bugs in Microsoft Edge and then escalated to SYSTEM using a buffer overflow in the Windows kernel."
None of the attendees registered to attempt an attack on the Apache Web Server on Ubuntu 16.10 Linux, according to eWeek, but the contest's blog reports that "We saw a record 51 bugs come through the program. We paid contestants $833,000 USD in addition to the dozen laptops we handed out to winners. And, we awarded a total of 196 Master of Pwn points."
It's been an ongoing battle to maintain the web's openness, but in addition, Berners-Lee lists the following issues: 1) We've lost control of our personal data. 2) It's too easy for misinformation to spread on the web. 3) Political advertising online needs transparency and understanding. Tim Berners-Lee writes:
We must work together with web companies to strike a balance that puts a fair level of data control back in the hands of people, including the development of new technology like personal "data pods" if needed and exploring alternative revenue models like subscriptions and micropayments. We must fight against government over-reach in surveillance laws, including through the courts if necessary. We must push back against misinformation by encouraging gatekeepers such as Google and Facebook to continue their efforts to combat the problem, while avoiding the creation of any central bodies to decide what is "true" or not. We need more algorithmic transparency to understand how important decisions that affect our lives are being made, and perhaps a set of common principles to be followed. We urgently need to close the "internet blind spot" in the regulation of political campaigning.
Berners-Lee says his team at the Web Foundation "will be working on many of these issues as part of our new five year strategy," researching policy solutions and building progress-driving coalitions, as well as maintaining their massive list of digital rights organizations. "I may have invented the web, but all of you have helped to create what it is today... and now it is up to all of us to build the web we want -- for everyone." Inspired by the letter, very-long-time Slashdot reader Martin S. asks, does the web need improvements? And if so, "I'm wondering what Slashdotters would consider to be a solution?"