Feeds

back to article Google ups bug bounty to $20,000 per flaw

Google is increasing the amount it is willing to pay to security researchers for bugs, with the most serious flaws now priced at up to $20,000. Google's security team has changed its payments plan and will now pay up to $20,000 for flaws that would allow code execution on its production systems. There's a $10,000 bounty for SQL …

COMMENTS

This topic is closed for new posts.
Silver badge

Shame...

...there isn't a smaller bounty for bugs in Google apps etc. Even a piddly $50 per bug would be appreciated.

1
0
Silver badge
Pint

Cool, let's get rich

Given the amount of personal, private data that gets sucked off of g+ and facebook alone we should all easily be able to find enough bugs to get filthy stonking rich. Let's do it, bitch!

Huh... what do you mean g+ and facebook are designed that way?

0
2
FAIL

Increase?

Not quite the same as the $900k they paid to someone in 2006 .

They paid $460k to 200 people last year, they couldn't employ 3 people for that.

Apparently, even Google employees think $20k is a joke, but they get fired if they say so.

It's strange that these pathetically low figures are being spun as an 'increase'!

0
2
Silver badge
Facepalm

Re: Increase?

As opposed to what company which is paying more than that for bugs?

1
0

SQL injection?`

Really? Not just SQL injections are rookie mistakes but Google generally don't use SQL.

0
1
Anonymous Coward

Imagine...

Developer to Google: I've found this really critical bug with your system:

Google to Developer: Ok, we're pay you £x if you tell us about it.

Developer to Google: Sorry, not enough. Never mind.

0
1
Anonymous Coward

Re: Imagine...

Actually, you don't need to imagine it; this is precisely what VUPEN does. They sell their exploits to select governmental agencies, and would never dream of telling Google about it for so little money. Nice, eh?

0
0
This topic is closed for new posts.