Softpedia
 
HomepageWindowsGamesDriversMacLinuxScripts buttonMobileHandheldNews

NEWS CATEGORIES:



NEWS ARCHIVE >>
SOFTPEDIA REVIEWS >>
MEET THE EDITORS >>
TRENDING TODAY
Home > News > Webmaster > Google News

April 24th, 2012, 13:47 GMT · By

Google Now Pays $20,000, €15,194 for Critical Security Bugs

SHARE:

Adjust text size:

The new Google rewards program for security vulnerabilities
Enlarge picture
Google is getting even more generous with its rewards for security bug reports and fixes. Google has been offering money to researches pointing out vulnerabilities in Chrome and more recently in other Google products.

The program has proven rather successful so much so that Google decided it should step up the game and offer significantly larger prizes for serious bugs.

"We recently marked the anniversary of our Vulnerability Reward Program, possibly the first permanent program of its kind for web properties," Google wrote.

"This collaboration with the security research community has far surpassed our expectations: we have received over 780 qualifying vulnerability reports that span across the hundreds of Google-developed services, as well as the software written by fifty or so companies that we have acquired," it said.

"In just over a year, the program paid out around $460,000 [€349,000] to roughly 200 individuals. We’re confident beyond any doubt the program has made Google users safer," it added.

Up until now, the gravest vulnerabilities have been rewarded with $3133.7, €2,380 less serious ones with $1337, €1015 or $500, €379. Under the new rules, the money is much better.

The biggest threats will be rewarded with $20,000 on most Google websites, except for acquisitions and low priority services. Bugs that earn this kind of money allow remote code execution.

Researchers that report SQL injections and similarly serious bugs will earn $10,000, €7,600 on most Google sites and products. A regular XSS (cross-site scripting) vulnerability will earn $3,133.7 on accounts.google.com or $1337 on other important Google sites.

Along with the monetary rewards, the rules of the program have also changed. The idea is to put more emphasis on the important sites and less on the more obscure ones.

The login service Google Accounts is critical and attracts the biggest rewards. Other big properties, Search, Wallet, Mail and so on are also worth higher rewards. At the same time, sites that Google has acquired or that aren't crucial, think Google Art Project, will earn smaller sums.


880 hits
Link to this article · Print article · Send to friend

MUST-READ RELATED ARTICLES:


Google Doodle Celebrates Mies van der Rohe Pioneering Architectural Style
YouTube Will Stream the Entire Coachella 2012 Festival Live and for Free
Google Chrome 20 Is Here, Not in the Dev Channel Yet
Google Drive Landing as Early as Next Week, It's DOA with Only 1GB Free Storage
Study Finds IE 9 the "Fastest" Windows Browser, but Opera Mini Is Faster

READER COMMENTS:



No user comments yet.
Be the first to express your opinion!
Copyright © 2001-2013 Softpedia. Contact/Tip us at

WindowsGamesDriversMacLinuxScriptsMobileHandheldNews

SUBMIT PROGRAM   |   ADVERTISE   |   GET HELP   |   SEND US FEEDBACK   |   RSS FEEDS   |   UPDATE YOUR SOFTWARE   |   ROMANIAN FORUM
© 2001 - 2013 Softpedia. All rights reserved.
Softpedia® and the Softpedia® logo are
registered trademarks of SoftNews NET SRL.		 Copyright Information | Privacy Policy | Terms of Use