Google Paying $1M to Hack Chrome at Security Conference
There’s plenty of cash up for grabs at the CanSecWest digital security conference in Vancouver on March 7-9 – all courtesy of Google – if you’re able to expose vulnerabilities in the Chrome browser.
If you execute a full Chrome exploit, Google will give you $60,000 provided you use only bugs in Chrome to hack in, or take $40,000 for a partial Chrome exploit based on at least one bug in Chrome itself. And a great consolation prize of $20,000 is still available if you don’t use bugs in Chrome but opt for bugs in one or more of Flash, Windows or a driver.
Google provided the rationale in a blog post: “The aim of our sponsorship is simple: we have a big learning opportunity when we receive full end-to-end exploits. Not only can we fix the bugs, but by studying the vulnerability and exploit techniques we can enhance our mitigations, automated testing, and sandboxing. This enables us to better protect our users.”
While other browsers including Internet Explorer, Firefox and Safari have been hacked by researchers over the past three years at the security conference, Chrome has been left untarnished.
“While we’re proud of Chrome’s leading track record in past competitions, the fact is that not receiving exploits means that it’s harder to learn and improve. To maximize our chances of receiving exploits this year, we’ve upped the ante. We will directly sponsor up to $1 million worth of rewards,” Google added.