Find a Security Vulnerability or Bug in Chrome and Win Money
At last year, Google Chrome was the only browser to stand up and not get cracked. Almost major browser such as; Microsoft’s IE8, Apple’s Safari as well as Mozilla’s Firefox were all hacked into, however Google’s Chrome browser still stood its ground. It’s not due to Chrome isn’t annoyed by bugs and security vulnerabilities, it’s just that exploiting these bugs is quite difficult.
Talking about of bugs and security vulnerabilities, the Mountain View-based search engine giant has offered an exciting invitation to all security developers out there. The purpose is to minimize even eliminate security vulnerabilities in this browser. Basically the company wants security professionals to take a look at Chrome nor Chromium (the open source code used as the foundation of Chrome) and locate if they can uncover any bug or security vulnerability. If they do find bugs or security vulnerabilities, they will be obtained money, about $500 to $1337 (funny). However the amount of rewards depending on the severity of the vulnerability.
“We are introducing an experimental new incentive for external researchers to participate. We will be rewarding select interesting and original vulnerabilities reported to us by the security research community. For existing contributors to Chromium security — who would likely continue to contribute regardless — this may be seen as a token of our appreciation. In addition, we are hoping that the introduction of this program will encourage new individuals to participate in Chromium security. The more people involved in scrutinizing Chromium’s code and behavior, the more secure our millions of users will be. Any bug filed through the Chromium bug tracker (under the template “Security Bug”) will qualify for consideration,” said Chris Evans on behalf of the Google Chrome Security team.
This initiative is also purposed to avoid irresponsible vulnerability disclosure. If a security professional manages to uncover a security crack in Chrome or Chromium, I’m sure he would much rather acquires the rewards than reveal it to the world. Making security vulnerabilities public before Google has had an opportunity to solve them is irresponsible behavior, as malicious hackers can exploit the bugs while it remains unpatched.
However, it must be said that Google’s initiative is not original one. This isn’t the first time, the people over at Mozilla have the Mozilla Security Bug Bounty Program in place for a while, program which rewards those who find valid critical security bugs with $500 (US) cash reward as well as a Mozilla T-shirt.
Related Reading
Some related stuff you might interested on :
Related Resources
You may find these related resources below useful, seriously, you might. Check 'em out!
Comments
Shout Yours Out!
