Two million bucks doled out in increments of some hundred to a few thousand bucks isn’t any fast option to make a fortune. But if you are a security researcher who enjoys finding holes in code, Google’s Vulnerability Rewards software is a method to add some profit to your enjoyment.
The company announced Monday that this system had been such a hit that it is “significantly. The pair additionally notes that the initiative has resulted in “prime requirements” (PDF) in safety response time. It’s been a key element in Google’s Chrome pitch: The browser is just not the handiest faster, but more secure.
Google’s bug bounty software is, in fact, two programs, both began in 2010. The Chromium VRP serves the open-source basis of Google Chrome, whereas the second is for Google’s other internet sites. Each has netted researchers some additional beer money to the tune of greater than $1 million each.
- Judge approves $20 million settlement in the Facebook suit
- Facebook to raise $1.5B in a secondary offering
- Google’s 15th birthday celebrated by interactive doodle
- Eric Schmidt says claims of Google “taking Oracle’s stuff” untrue
- Google patents software to show boring Facebook status
Bonuses for precise reporting or patching a important worm will continue to be offered. this system additionally has inspired, or as a minimum predates, equivalent packages at other major internet sites. Facebook lately announced that its two-yr-previous worm bounty application, launched in 2011, has scored 329 safety researchers greater than $1 million.
Malicious program bounty applications are jointly a good suggestion to researchers and the companies they may be serving. No longer simplest are researchers getting paid for his or her work. However, the corporations are additionally maintaining doubtlessly severely damaging bugs off of the vulnerable black market.