Google offers hackers $1m to crack their web browser

Must Read

Nigeria’s COVID-19 Cases Rise To 111

The Nigeria Centre for Disease Control (NCDC) has reported fourteen new cases of coronavirus in the country, taking the...

FULL SPEECH: Buhari’s Nationwide Broadcast On Coronavirus


COVID-19: Extend Assistance To Other States Apart From Lagos, Lawmakers Beg Banks

The senate committee on banking, insurance and other financial institutions has urged banks to look beyond Lagos in its...

Coronavirus: Atiku Recommends 4 Ways To End Pandemic

Former vice president Atiku Abubakar has recommended that the coronavirus currently ravaging nations can be defeated by four ways.Speaking...

Coronavirus: Taraba Shuts All Land Borders, PDP Meeting Suspended

The Taraba State Government has announced the closure of the state's land borders to check the incursion and spread...

Web giant Google is offering a reward of $1 million to people who can engineer a fully functional exploit that punches a security hole in its Chrome web browser.

The search giant has once again chosen the Cansecwest security conference to announce the competition, noting that developing a fully functional exploit is “significantly more work” than finding and reporting a potential security bug.

Posting on the Google Chrome Security Blog, Chris Evans and Justin Schuh from the Google Chrome Security Team explained that the aim of the sponsorship is simple. They said, “We have a big learning opportunity when we receive full end-to-end exploits. Not only can we fix the bugs, but by studying the vulnerability and exploit techniques we can enhance our mitigations, automated testing, and sandboxing. This enables us to better protect our users.”

Somewhat perversely, the team added that the fact that Chrome is not receiving exploits means that it is actually harder to improve the platform. So to address this and maximise the chances of receiving exploits this year, the search company has dug deep to put up a cool $1 million worth of rewards. The top individual prize of $60,000 will be paid for a full Chrome exploit using only bugs in Chrome to deliver Windows 7 local OS user account persistence.

$40,000 is up for grabs for a partial Chrome exploit based on at least one bug in Chrome itself, plus other bugs. For example, a Webkit bug combined with a Windows sandbox bug.

Moving down the scale, Google will cough up a $20,000 “Consolation reward” for an exploit that does not actually use bugs in Chrome. For example, bugs in one or more of Flash, Windows or a driver.

All winners will also receive a Chromebook.

“We will issue multiple rewards per category, up to the $1 million limit, on a first-come-first served basis. There is no splitting of winnings or “winner takes all.” We require each set of exploit bugs to be reliable, fully functional end to end, disjoint, of critical impact, present in the latest versions and genuinely “0-day,” i.e. not known to us or previously shared with third parties. Contestant’s exploits must be submitted to and judged by Google before being submitted anywhere else,” the company explained

- Advertisement -



Please enter your comment!
Please enter your name here

More Articles Like This

- Advertisement -