Google Chrome Bounty: Researcher Given $31,336 For Finding Security Flaws In Chrome

Programmer Earns Money For Identfying Security Bugs In Chrome

  on

Security is a top issue for Google, and the search engine giant from Mountain View, Calif., is apparently willing to pay independent programmers that can catch any flaws in its many software applications.

Last week, Google paid a $31,336 bounty to researcher Ralf-Phillip Weinmann for identifying three bugs in Chrome OS that could be used by hackers. According to The Hacker News, these were serious vulnerabilities that exploited a Javascript API for creative interactive 3D Web apps.

Wienmann’s prize comes from Google’s Chromium Vulnerability Reward Program, which aims to pay researchers for identifying security issues with Chromium, the developer version of Chrome. Google started the program in 2010 and has awarded more than $1 million to security researchers.

An independent study recently found Google to be the safest search engine and about five times safer than Bing. Google attributes a significant drop in reported security issues to the reward program.

These “bug bounty” programs are gaining in popularity, and in value, as security becomes an increasingly important issue. Last week, a hacker attack on the AP’s Twitter account produced frightening real-world consequences and showed serious flaws with Twitter’s security.

Several companies offer cash rewards for identifying bugs and security vulnerabilities, including Facebook, Mozilla and PayPal. Google’s bounty tends to be the most sought-after, as it names security researchers publicly and grants large rewards.

Google has addressed the flaws found by Wienmann, and the latest updates to devices running Chrome OS include these security fixes.  

Join the Discussion