Are you in need of a quick $20,000? Hack Google and you just
might get that bounty. Earlier this week, Google announced a substantial
increase in the top prize rewarded for hacking their products as part of its Vulnerability Reward Program.
Google uses the program as a relatively inexpensive way to
utilize independent programmers and hackers to debug their products.
The new program looks something like this:
While the update substantially increases rewards in some
areas (the previous top prize was only $3,133.7), in others, the prize was
substantially reduced. According to Google, the redistribution of prizes is
aimed at focusing efforts on areas that have the most potential to harm users.
To help
focus the research on bringing the greatest benefit to our users, the new rules
offer reduced rewards for vulnerabilities discovered in non-integrated
acquisitions and for lower risk issues. For example, while every flaw deserves
appropriate attention, we are likely to issue a higher reward for a cross-site
scripting vulnerability in Google
Wallet than one in Google Art
Project, where the potential risk to user data is
significantly smaller.
So far, Google has doled out around $460,000 to about 200
individuals and says the program has “beyond any doubt” made their products
safer.
No comments:
Post a Comment