Google praises $ 1 million for Chrome exploits

Google wants hackers reward for finding exploits in Chrome with prices between 20,000 and $ 60,000, depending on the zwaarheid of the exploit. Google this would be normal in the pwn2own contest to do, but see there this year.

The prices that Google wants uitloven are twenty thousand dollars for a bug in Flash, Windows 7, or security holes that are not in Chrome itself but that is a security risk in Chrome. An exploit that is partially in Chrome, like a bug in WebKit in combination with the Windows 7 sandbox is good for forty thousand dollars. The largest amount, sixty thousand dollars, goes to exploits of which the origin only, and only in Chrome. Winners get a Chromebook. All exploits should be in Chrome with a local user on Windows 7 be found. The total prize pool amounts to 1 million dollars.

Google does normally always part of the pwn2own contest at the annual CanSecWest-security conference, but the company sees there this year. Instead, it is the “Chromium Security Rewards” program is started. Reason for not participating is a small adjustment to the wedstrijdsreglement: that now says that participating hackers the details of the exploits are allowed to release, while they last year had to release. Google wants to know details of the bugs to be able to close.

Google is known for its program where hackers are rewarded for discovered bugs or exploits in Google. Recently, the company still 310.000 euro reward in the prospect for finding security risks on the website of Google. The Mozilla Foundation also uses rewards for the reporting of bugs in its Firefox browser.