Google has paid $ 300,000 for the vulnerability in Chrome, including the Chrome OS

Google celebrates two years since he began offering cash prizes for reporting security vulnerabilities in Chrome and related technologies. During that time, Google has paid hundreds of thousands of dollars to researchers who have helped to reveal vulnerabilities in its products.
Currently, Google is developing a program to include issues of Chrome OS as well as introducing some "bonus" for new ones that give some solutions to the vulnerabilities that they find.
Chris Evans, Google Chrome Security, wrote: "We have issued more than $ 300,000 [€ 226,000] as a token of appreciation for the hundreds of bugs in all of them qualify, and we immediately corrected. It also helped inspire a wave of similar efforts from companies all over the web. "
"We have been fascinated by the variety and ingenuity of bugs delivered by dozens of researchers. We've received a bug around each component, ranging from system software (Windows kernel / Mac OS X graphics library / GNU libc) for Chromium / WebKit code and to the library popular open source (libxml, ffmpeg), "he explained.
Google has paid for serious security bugs in Chrome, different amounts depending on their severity. So far, that is only for the desktop version, but Google as well, is developing a program for the Chrome OS for the parts not covered by existing programs.
Chrome OS may be too small to attract the attention of attackers and vulnerabilities have been able to largely overcome by improvements in Chrome. But there are certain components that are now covered by the awards program as a bug in the Linux kernel used in the Chrome OS.
Guarantee / awards also include the issue on the pepper version of the Flash Player plugin and a bug in the default application or extension, in essence, this is related to any vulnerability on one of the default component of the Chrome OS.
Google is not the first to pay for research on security vulnerabilities, but the program from google is one of the largest and most successful and has been adopted by other companies, including Mozilla.

(Source: Beritanet.com, 2012)

0 komentar:

Post a Comment