14 DAY TRIAL // Google has updated its bug bounty program for the upcoming year and has doubled a reward for a particular type of Chromebook exploit which no researcher has managed to crack during 2015.
According to the company's latest statement, its security team has decided it will give out a $100,000 (€90,000) reward to any security researcher that will put together a persistent compromise of a Chromebook device operating in guest mode.
The Google team first opened a reward for this type of exploit last year, but nobody managed to crack its laptops. The company is now hoping that the bigger bug bounty will attract more specialists that will look further into new ways of compromising its products.
Besides doubling an older reward, Google has also announced it will start providing bug bounties for any exploits that lead to a bypass of Google Chrome's Download Protection feature.
Google explains on its Chrome Rewards program page that researchers must land "a blacklisted test binary (malware example, UwS example) on disk where a typical user could execute it, on Mac or Windows. The file type on disk must lead to non-sandboxed code execution after minimal user interaction with the file."
Prizes for these types of reports can go up to $1,000 (€900), but Google has also left the door open for a higher reward in case of high-quality reports, accompanied by fully functional exploit code.
Earlier in January, Google said that it paid well over $2 million (€1.8 million) as bug bounty rewards for security experts around the globe. Ever since the program started in 2010, Google said it paid researchers more than $6 million (€5.4 million).