Google dispenses first jackpot award to security bug hunter
Google updated its Chrome browser software on Wednesday to address a variety of security bugs, including the first vulnerability to qualify its finder for the recently introduced top-tier of its Chromium Security Reward scheme. Sergey Glazunov earns an “elite” $3,133.7 award for his bug-finding efforts as well as pocketing the …
This topic is closed for new posts.
elite "1337" payments eh?
If I was a hacker I would definately be offering my skills to plug security holes in peoples software, and if companies are now offering payment for highlighting these issues, I might have to learn how to hack...
I used to be 1337 once...
I got much better
Google keeps sending me e-mail to tell me they have awarded me millions in jackpot. And I didn't even have to work for it!
That said, they might want to raise the prizes if they really hope people with look for possible bugs. Hearing that the cash machine gave all of $14'000 in prizes sounds cheap. But maybe I'm too demanding.
Dont knock it
14 grand is cheap, but at least its reaching out to the poor whitehatters, most of whom are expected to roll over and cough up the stuff they find for free, and I think the general idea is to not only reach out to that section of the community, but also to keep greyhatters from pulling a "Ive found a bug, and if you dont give me X Y Z and a reacharound, Imma sploit the hell out of it"
frankly I applaud the steps taken, its a surprisingly progressive idea, even for google.
I've found 1000's of bugs in Chrome...
http://www.google.com.au/search?client=firefox-a&rls=org.mozilla%3Aen-US%3Aofficial&channel=s&hl=en&source=hp&q=bugs&meta=&btnG=Google+Search
Applaud Google for trying but...
$3,133.7 is peanuts compared to what proper vulnerabilities could fetch on the open market. just be glad this guy has morals and is not an 'American Capitalist'.
Google really should consider $31,337 as a small price to keep themselves out of the media storm that would ensue following exploit. It also starts to get into the realms proper fees for security consultants, so perhaps people could make a living from exploit hunting. rather than just the hobbiest collective.
What was that an hour?
... still it's a step up from Google's usual outsourced development rate of $0.00 per day.
This topic is closed for new posts.
