Google Offers Three Times The Reward For Squashing Chrome Bugs

Previously bug hunters were paid a minimum of $500 and up to $5,000 for each bug reported based on significance of the find.

Previously bug hunters were paid a minimum of $500 and up to $5,000 for each bug reported based on significance of the find.

Google announced it has tripled its maximum reward for finding flaws in Chrome as part of the company’s bug bounty program.

The move is to restrain research community from selling their information on shady markets and also to encourage them to dig deeper in discovering vulnerabilities in Chrome.

Previously bug hunters were paid a minimum of $500 and up to $5,000 for each bug reported based on significance of the find. However with Google establishing a secure platform for its services, it is now a great challenge to discover new exploits in its software. So, Google has upped the reward to $15,000 for researchers to uncover bugs and is also offering more cash to researchers who can submit an exploit code for their vulnerability submission.

Developers can now submit the vulnerability first and then can follow up later with an example exploit. Google says this will give researchers more time to demonstrate the bug’s importance and will give its engineers more time to fix the bug before malicious exploits.

“We understand that our cash reward amounts can be less than these alternatives, but we offer you public acknowledgement of your skills and how awesome you are, a quick fix and an opportunity to openly blog/talk/present on your amazing work,” Google Chrome’s hacker philanthropist Tim Willis wrote. “Also, you’ll never have to be concerned that your bugs were used by shady people for unknown purposes.”

Sometimes there are exceptions when Google goes beyond the set limit reward if the exploit uncovered deserves extra encouragement. In one such case last month, the company awarded $30,000 for a Chrome OS report containing bugs in V8, IPC, sync, and extensions that could result in remote code execution outside of the sandbox.

The company argues this a win-win situation: “we get to patch bugs earlier and our contributors get to lay claim to the bugs sooner, lowering the chances of submitting a duplicate report.” Oh, and more reward money can’t hurt.

In order to ensure a researcher gets acknowledged for their work, Google has a Google Hall Of Fame, where Chrome reward recipients will now be listed in order. The recipients work will be immortalized forever and can also be worn as a badge of honor.

Until now, Google has rewarded security researchers more than $1.25 million through its bug reward program and squashed over 700 Chrome security bugs. These reward programs also help companies like Google and Facebook in discovering new exploits without going on a hiring spree for security analysts.

Anna Domanska
Anna Domanska is an Industry Leaders Magazine author possessing wide-range of knowledge for Business News. She is an avid reader and writer of Business and CEO Magazines and a rigorous follower of Business Leaders.

Recent Posts

Renewable Energy Adoption will Need to Change Gears to Meet Net-Zero

Renewable Energy Adoption will Need to Change Gears to Meet Net-Zero

Renewable energy adoption pace is good, but it is still falling short of meeting net zero emission rate, says the latest International Energy Agency’s (IEA) annual report. Higher
46 mins ago
America is Losing its Appetite for Plant-Based Meat

America is Losing its Appetite for Plant-Based Meat

Most meat in 2040 will not come from animals, says report. However, the recent decline in sales of plant-based meat fell by 1.8 percent compared to the year before, taking declines
1 day ago
Fusion startup raises $1.8 billion to give us unlimited clean energy

Fusion startup raises $1.8 billion to give us unlimited clean energy

Commonwealth Fusion Systems secures more than $1.8 billion in Series B funding to commercialize fusion energy. The funding round was led by Tiger Global Management with participati
2 days ago
Omicron might push inflation, says OECD

Omicron might push inflation, says OECD

The latest Coronavirus variant, Omicron, which is believed to be more transmissible and severe, might derail growth and recovery and raise costs, according to the Organization for
2 days ago
Who is Parag Agrawal, Twitter’s new CEO?

Who is Parag Agrawal, Twitter’s new CEO?

Indian-born Parag Agrawal took over as the CEO of Twitter as co-founder Jack Dorsey stepped down for the second time in his career. Agrawal is the fourth person to take the reins a
3 days ago
Goldman Sachs rolls out paid leave for pregnancy loss

Goldman Sachs rolls out paid leave for pregnancy loss

Goldman employees are now eligible for 20 days of paid leave for a miscarriage or stillbirth. The investment banking giant is also increasing its retirement fund matching contribut
3 days ago