Comex Wins 2011 Pwnie Award for ‘Best Client-Side Bug’, Geohot Wins Too

Update: Geohot also won an award for ‘Best Song’, with his rap titled ‘The Light it Up Contest. Check that song out below:

Comex, the brains behind the notoriously brilliant for iOS devices, has just won a 2011 Pwnie Award for ‘Best Client-Side Bug’. The Pwnie awards happen yearly in Las Vegas to ‘celebrate the achievements and failures of security researchers and the security community’.

The awards started today, and Comex won for his work with creating and exploiting vulnerabilities in iOS with his jailbreak:

Awarded to the person who discovered or exploited the most technically sophisticated and interesting client-side bug. These days, ‘client’ is pretty much synonymous with ‘web browser’, but don’t forget about all the media player integer overflows!

FreeType vulnerability in iOS (CVE-2011-0226)
Credit: Comex

Comex exploited a vulnerability in the interpreter for Type 1 font programs in the FreeType library used by MobileSafari. This exploit is a great example of programming a weird machine to exploit a modern system. Comex used his control over the interpreter to construct a highly sophisticated ROP payload at runtime and bypass the ASLR protection in iOS. Furthermore, the ROP payload exploited a kernel vulnerability to execute code in the kernel and disable code-signing. The exploit was hosted on and was successfully used by thousands of people to jailbreak their iOS devices.

Congrats to Comex for his win, as his excellent work has been recognized. Also known as Nicholas Allegra, this 19 year old Brown University student was recently profiled by Forbes.