Google doubles reward pot to $2m for crackers who discover flaws in ChromeIT Security Pro

August 17, 2012 by  
Filed under Every thing you Need to Know

Google doubles reward pot to $2m for crackers who discover flaws in Chrome by Editor Posted on August 16,12

The contentious issue over whether companies should offer prizes to crackers who reveal security flaws in their software resurfaced this when Google announced it was effectively doubling its bug bounty fun to $2 million.

The increase forms part of Pwnium 2, a contest that will see crackers rewarded with prizes of up to $60,000 that exploit the Chrome browser or the Chromium operating system seen on portable computers designed to run almost exclusively across the Internet.

Plans call for Pwnium 2 to kick off on October 10, when the latest Hack-in-the-Box event opens in Malaysia. Google says that a “partial Chrome exploit,” such as one that combines a bug in Chrome’s native code base with a bug in Windows, will be rewarded with $50,000, whilst a “non-Chrome exploit” in Adobe Flash, Windows or similar third-party platform will be rewarded with $40,000.

According to Google software engineer Chris Evans, the first Pwnium competition held earlier this year exceeded the company’s expectations, after the firm received two submissions of such complexity and quality that both of them won Pwnie Awards at this year’s Black Hat industry event.

“Most importantly, we were able to make Chromium significantly stronger based on what we learned,” he said, adding that up to $2 million worth of rewards will be on offer.

Exploits, he explained, should be demonstrated against the latest stable version of Chrome.

“Chrome and the underlying operating system and drivers will be fully patched and running on an Acer Aspire V5-571-6869 laptop (which we’ll be giving away to the best entry),” he said, adding that exploits should be served from a password-authenticated and HTTPS Google property, such as App Engine.

“The bugs used must be novel i.e. not known to us or fixed on trunk. Please document the exploit,” he noted.

Speak Your Mind

Tell us what you're thinking...
and oh, if you want a pic to show with your comment, go get a gravatar!