Apr 24, 2012

Google raises Hackers bounties to $20,000


Google on Monday raised to $20,000 its bounty on software bugs that hackers could exploit for cyber attacks on the Internet giant's online services.

The maximum reward for exposing a vulnerability that would let an intruder's code get up to mischief in a Google data centre was ramped up from the $US3,133 ($A3,030) payout set when the bounty program was launched in November of 2010.

Remote code flaws found in Google's Web apps will also be rewarded $20,000.The term "remote code execution" refers to the most serious category of vulnerabilities, those which when exploited allow an attacker to hijack a system and/or plant malware on a machine.

A $10,000 bounty will be paid for SQL injection bugs or significant authentication bypass or data leak vulnerabilities, Google said in the revised rules for the program.

At Google’s Pwnium contest in March, Google paid out $60,000 prizes to anyone that could exploit the Chrome browser. Two people managed to do so, and collected the money. Even at that rate, security researchers have made it clear the exploits would have been worth more if sold to malicious individuals. Google’s $20,000 top payment is likely still far below the market rate.

The bounty was raised to inspire software savants to hunt for difficult-to-find, and potentially perilous, bugs hidden deep in programs

No comments:

Post a Comment