Two million bucks doled out in increments of some hundred to a few thousand bucks isn’t any fast option to make a fortune. But if you are a security researcher who enjoys finding holes in code, Google’s Vulnerability Rewards program is a method to add some profit to your enjoyment.
The company announced Monday that this system had been such a hit that it is “significantly. The pair additionally notes that the initiative has resulted in “prime requirements” (PDF) in safety response time. It’s been a key element in Google’s Chrome pitch: The browser is not just the fastest, but also more secure.
Google’s bug bounty software is, in fact, two programs, both began in 2010. The Chromium VRP serves the open-source basis of Google Chrome, whereas the second is for Google’s other internet sites. Each has netted researchers some additional beer money to the tune of greater than $1 million each.
- Judge approves $20 million settlement in the Facebook suit
- Facebook to raise $1.5B in a secondary offering
- Google’s 15th birthday celebrated by interactive doodle
- Eric Schmidt says claims of Google “taking Oracle’s stuff” are untrue
- Google patents software to show boring Facebook status
Bonuses for precise reporting or patching an important worm will continue to be offered. This system additionally has inspired, or at a minimum predates, equivalent packages at other major websites. Facebook lately announced that its two-year-old bug bounty application, launched in 2011, has scored 329 security researchers greater than $1 million.
Malicious program bounty applications are a good suggestion to researchers and the companies they may be serving. No longer are researchers getting paid for his or her work. However, the corporations are additionally maintaining doubtlessly severely damaging bugs on the vulnerable black market.
