Jump to content
Login with your Gmail HERE and start posting in seconds! ×

Google Offers US$1 Million To Chrome Hackers

webfact

By webfact
in IT and Computers

 Share

Recommended Posts

webfact Grand Master Member

webfact

Posted
Posted

Google offers 1 million dollars to Chrome hackers

SAN FRANCISCO: -- Google is offering hackers 1 million dollars in prize money to find and exploit new security flaws in its Chrome web browser, the company said Tuesday.

Under the terms of the offer, the web software giant will pay 60,000 dollars for any "full Chrome exploit" that allows malicious hackers to take over a users’ computer via a bug solely in the company’s web browser. The hackers must make available the full details of the exploit to Google in order to qualify for the prize, and must not have released details of the exploit to anyone else, the Google Chrome security team announced in a late Monday blog posting.

In addition, Google will pay 40,000 dollars to anyone whose new exploit relies on a bug in Chrome in conjunction with a flaw in Windows 7, and will offer 20,000 to those who uncover a previously unknown bug in Windows 7. It will pay these sums for every new exploit it receives until the 1 million dollar limit is reached.

"The aim of our sponsorship is simple: we have a big learning opportunity when we receive full end-to-end exploits," said Google’s Chrome security. "Not only can we fix the bugs, but by studying the vulnerability and exploit techniques we can enhance our mitigations, automated testing, and sandboxing. This enables us to better protect our users."

nationlogo.jpg

-- The Nation 2012-02-29

Link to comment
Share on other sites
khunken Platinum Member

khunken

Posted
Posted

This is a cheap way for Google to try to control hacks of Chrome. In many cases hackers post their hack details on the internet which allows others to try their luck. It also means that Google has to very quickly plug the hacked leak.

By offering money to keep the hacks quiet, Google has more time to fix the leak, keep it away from other hackers & boast that Chrome is safe.

Also, the headline is totally misleading as the most a hacker can get is $60,000.

  • Like 1
Link to comment
Share on other sites
rakman Gold Member

rakman

Posted
Posted

Anonymous will do it for free, hack & crash that is

But I doubt that Anonymous will not publish the hack, thusly giving up the $60k, for each bug.

HP did something similar in the 70's with their Access timeshare machine. HP was sure the bugs were sqaushed, so they gave a system to a school and offered $150 for each bug the students found. At $100k, HP pulled the plug on the bug hunt.

You got to admire the inquitiveness and the tenacity of kids.

  • Like 1
Link to comment
Share on other sites
Garry Platinum Member

Garry

Posted
Posted (edited)

Anonymous will do it for free, hack & crash that is

good on yer you sound like a w*****hker

Wow name calling for stating something obvious. I guess I've learnt my lesson now laugh.png

Anonymous will do it for free, hack & crash that is

But I doubt that Anonymous will not publish the hack, thusly giving up the $60k, for each bug.

HP did something similar in the 70's with their Access timeshare machine. HP was sure the bugs were sqaushed, so they gave a system to a school and offered $150 for each bug the students found. At $100k, HP pulled the plug on the bug hunt.

You got to admire the inquitiveness and the tenacity of kids.

Oh no doubt, hence why I said they would do it for free. :)

Edited by Garry
  • Like 1
Link to comment
Share on other sites
WarpSpeed Diamond Member

WarpSpeed

Posted
Posted

This is a cheap way for Google to try to control hacks of Chrome. In many cases hackers post their hack details on the internet which allows others to try their luck. It also means that Google has to very quickly plug the hacked leak.

By offering money to keep the hacks quiet, Google has more time to fix the leak, keep it away from other hackers & boast that Chrome is safe.

Also, the headline is totally misleading as the most a hacker can get is $60,000.

I read $100,000.....

Link to comment
Share on other sites
innerspace Silver Member

innerspace

Posted
Posted

This may be a fresh story but hardly new. Google have been offering these kind of deals for years.

As for whoevers comment of Google paying and passing onto the police... There is nothing illegal about hacking in these terms, presuming you are accessing your own machines.

  • Like 1
Link to comment
Share on other sites
WarpSpeed Diamond Member

WarpSpeed

Posted
Posted

This may be a fresh story but hardly new. Google have been offering these kind of deals for years.

As for whoevers comment of Google paying and passing onto the police... There is nothing illegal about hacking in these terms, presuming you are accessing your own machines.

No but where there's smoke there's usually fire and it's not likely one who gets really good at hacking does it without implementing it right? Likely if they were investigated independent of Google due to an "anonymous" tip they'd find some closeted skeletons...

Link to comment
Share on other sites
rakman Gold Member

rakman

Posted
Posted

This may be a fresh story but hardly new. Google have been offering these kind of deals for years.

As for whoevers comment of Google paying and passing onto the police... There is nothing illegal about hacking in these terms, presuming you are accessing your own machines.

No but where there's smoke there's usually fire and it's not likely one who gets really good at hacking does it without implementing it right? Likely if they were investigated independent of Google due to an "anonymous" tip they'd find some closeted skeletons...

There are some white hat "hackers" that do try to keep the coders honest.

As the one guy found out, Apple wasn't amused at his demo of an exploit that he found and alerted Apple to, only to be ignored. So he published it at the iTunes store (Apple approved for distribution) then he announced the flaw.

Apple banned him for a year.

The thinking at a coding company is often constrained by management or company culture. Users in the wild have no such constraints and often find what others are forced to ignore.

Link to comment
Share on other sites
WarpSpeed Diamond Member

WarpSpeed

Posted
Posted

This may be a fresh story but hardly new. Google have been offering these kind of deals for years.

As for whoevers comment of Google paying and passing onto the police... There is nothing illegal about hacking in these terms, presuming you are accessing your own machines.

No but where there's smoke there's usually fire and it's not likely one who gets really good at hacking does it without implementing it right? Likely if they were investigated independent of Google due to an "anonymous" tip they'd find some closeted skeletons...

There are some white hat "hackers" that do try to keep the coders honest.

As the one guy found out, Apple wasn't amused at his demo of an exploit that he found and alerted Apple to, only to be ignored. So he published it at the iTunes store (Apple approved for distribution) then he announced the flaw.

Apple banned him for a year.

The thinking at a coding company is often constrained by management or company culture. Users in the wild have no such constraints and often find what others are forced to ignore.

Maybe but how would one find such a weakness if they didn't go LOOKING for it? And if they never practice their black art?

It's like saying I broke into your bank account to let you know it wasn't safe! giggle.gif

Link to comment
Share on other sites
innerspace Silver Member

innerspace

Posted
Posted

This may be a fresh story but hardly new. Google have been offering these kind of deals for years.

As for whoevers comment of Google paying and passing onto the police... There is nothing illegal about hacking in these terms, presuming you are accessing your own machines.

No but where there's smoke there's usually fire and it's not likely one who gets really good at hacking does it without implementing it right? Likely if they were investigated independent of Google due to an "anonymous" tip they'd find some closeted skeletons...

There are some white hat "hackers" that do try to keep the coders honest.

As the one guy found out, Apple wasn't amused at his demo of an exploit that he found and alerted Apple to, only to be ignored. So he published it at the iTunes store (Apple approved for distribution) then he announced the flaw.

Apple banned him for a year.

The thinking at a coding company is often constrained by management or company culture. Users in the wild have no such constraints and often find what others are forced to ignore.

Maybe but how would one find such a weakness if they didn't go LOOKING for it? And if they never practice their black art?

It's like saying I broke into your bank account to let you know it wasn't safe! giggle.gif

This "hacking" is identical to whats known as "software testing", a respectable and well paid job.

Would you class drug trial volunteers as the same as heroin addicts?

Of course there are people who do the same with different motives but no need to categorise everyone......

Link to comment
Share on other sites
WarpSpeed Diamond Member

WarpSpeed

Posted
Posted

No but where there's smoke there's usually fire and it's not likely one who gets really good at hacking does it without implementing it right? Likely if they were investigated independent of Google due to an "anonymous" tip they'd find some closeted skeletons...

There are some white hat "hackers" that do try to keep the coders honest.

As the one guy found out, Apple wasn't amused at his demo of an exploit that he found and alerted Apple to, only to be ignored. So he published it at the iTunes store (Apple approved for distribution) then he announced the flaw.

Apple banned him for a year.

The thinking at a coding company is often constrained by management or company culture. Users in the wild have no such constraints and often find what others are forced to ignore.

Maybe but how would one find such a weakness if they didn't go LOOKING for it? And if they never practice their black art?

It's like saying I broke into your bank account to let you know it wasn't safe! giggle.gif

This "hacking" is identical to whats known as "software testing", a respectable and well paid job.

Would you class drug trial volunteers as the same as heroin addicts?

Of course there are people who do the same with different motives but no need to categorise everyone......

Nope but being a good hacker is not unlike being a good detective in order to be really good and top in one's profession one is operating on the thin line between right and wrong and need to think just like a criminal or in this case hacker in order to catch one and occasionally some do slip over the line..

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.









×
×
  • Create New...