Google Offering Up $1 Million In Prizes To Hackers
Google announced this week that it will be handing out $1 million to hackers who can successfully exploit its Chrome browser at next week’s CanSecWest security conference.
The company said it will be handing out several prizes at the conference for users who are able to exploit different security flaws on the browser.
Users who are able to exploit the browser using only bugs in Chrome itself at the conference will be rewarded with $60,000.
The company also said that hackers who exploit using at least one bug in Chrome, plus other bugs, will be given $40,000.
A $20,000 prize will be offered to the hackers who are able to exploit the Web browser using bugs that do not exist in Chrome.
“These exploits are not specific to Chrome and will be a threat to users of any web browser,” Chris Evans and Justin Schuh, Google Chrome Security Team, said in a joint blog post. “Although not specifically Chrome´s issue, we´ve decided to offer consolation prizes because these findings still help us toward our mission of making the entire web safer.”
Google said it will be handing out multiple rewards per category, up to the $1 million limit, on a first-come-first-served basis.
The search giant said it will require each set of exploit bugs to “be reliable, fully functional end to end, disjoint, or critical impact, and present in the latest versions.”
Google withdrew sponsorship from this year’s Pwn2Own competition because it discovered that contestants were permitted to enter it without having to reveal full exploits to vendors.
“Full exploits have been handed over in previous years, but it´s an explicit non-requirement in this year´s contest, and that´s worrisome,” Evans and Schuh wrote on the blog.
They said Google will instead be running this alternative Chrome-specific reward program.
The winners of the different categories will also be receiving a Chromebook, which is a laptop specifically designed for Internet use and developed by both Samsung and Acer.
On the Net: