BobbyeM71hxwGoogle offers bounty for Chrome vulnerabilities

Google is offering a cash reward to security researchers for finding flaws in its Chrome web browser.

It would be doling out payments ranging from $500 to $1337 to developers who find and directly report security holes in the browser, said the company. The $1337 amount is an apparent homage to the hacker term ‘1337’ (pronounced “elite”.)

The payment system will apply to flaws in the Chromium open source project along with the Chrome browser and bundled components such as Google Gears.

The company was looking to bring more third party researchers into its midst, said Google Chrome security team member Chris Evans. Some of the most interesting security bugs have been fixed by researchers external to the Chromium projects, he wrote.

“Thanks to the collaborative efforts of these people and others, Chromium security is stronger and users are safer.”

Paying vendors for disclosure of flaws has been a tactic used by both developers and security vendors to encourage not only research, but responsible disclosure.

According to firm, it hopes that by offering cash rewards, researchers will report flaws to those who will patch them rather than malware writers who pay for new vulnerabilities to exploit.

Tags: , , , , , , , , ,