08/17/2012

Google Bug Bounty

Google is paying people to hack into their web browser.

Wait, what?

That’s right. Google has announced an offering of $2 million in prizes to hackers who successfully exploit Google Chrome (with demonstrations – you can’t just go in and say you did it and expect a fat check).

The contest, known as Pwnium 2, will take place at the Hack In The Box security conference in Malaysia in October. Hackers can win prizes from $2,000 to $4,000 with an added $1,000 bonus for well-exploited examples. More prize quotes can be found at blog.chromium.org.

On Tuesday, Google announced that they had noticed a “significant drop-off” in reported problems and vulnerabilities in Chrome, apparently making it tougher to crack for the average hacker.

"This signals to us that bugs are becoming harder to find, as the efforts of the wider community have made Chromium significantly stronger," the company said.

So, instead of sitting back and relaxing in their strong security like anyone else would, they decided to offer more money for more security break-ins.

It seems backwards until you realize that they use these paid security breaches to fix the problems before hackers with not-so-honorable intentions (or at least the $4,000 to keep them honest) exploit the holes in security.

Don’t worry, Chrome users. Google has you covered.