Google offers bounty for security bugs on its websites

By Emil
Nov 2, 2010
Post New Reply
  1. Google has begun offering cash for security bugs reported on its websites, following the success of its bug bounty program that pays hackers for finding security flaws in Chrome. The new vulnerability reward program applies to Google web properties (google.com, youtube.com, blogger.com, and orkut.com) but excludes Google's client applications (Android, Picasa, Google Desktop, and so on).

    Read the whole story
  2. ReMonster

    ReMonster Newcomer, in training

    It certainly isn't new, but it is a great approach to keep there toolset secure. It also helps to know they are actively trying to prevent issues before they occur, instead of the OLD microsoft approach of patching after exposure.
  3. Emin3nce

    Emin3nce Newcomer, in training Posts: 129

    We would like you to fix our bugs, but don't try really hard because you may actually find something? I mean, hear me out, crackers are usually 12 year old kids with a botnet who use automated scans etc to do a bulk of their work...

    Generally to fight that sort of threat, shouldn't researchers do that very act?
  4. shortie

    shortie Newcomer, in training Posts: 18

    Like Mozilla :)
  5. Hilarious that they made the max 3,133.7.!

    For those who don't "get it" - 3,133.7 = ELEET
  6. TechFox

    TechFox Newcomer, in training

    i think its an awesome idea, might make be brake out my old coding eye to check the sources and if i find nothing at least i've brushed up on the knowledge that i used to love. nothing like making money while hacking. most security is slacking for the most part. just have to think outside the box.
  7. AnonymousSurfer

    AnonymousSurfer TechSpot Enthusiast Posts: 312   +12

    I think this is a neat idea. I might have to go find some bugs...
  8. lawfer

    lawfer TechSpot Paladin Posts: 1,272   +90

    But what you "don't get" is, that you found that out using the very Google.
  9. HaMsTeYr

    HaMsTeYr TechSpot Maniac Posts: 387

    Reminds me of what mozilla did with firefox really. Still, its a good approach to helping create better, more secure software
  10. poertner_1274

    poertner_1274 secroF laicepS topShceT Posts: 4,745

    Since Google can afford this, I think it's brilliant. It does 2 things in my eyes. It helps them secure their domains, as well as potentially acquire new talent to use on their team should they find someone who finds multiple flaws and become a good asset to their design team.
  11. kaonis92

    kaonis92 TechSpot Enthusiast Posts: 117

    Let's all go on a bug-finding safari! I guess it's going to be difficult to find a bug in google's sites though!
     
  12. starfreezer

    starfreezer Newcomer, in training Posts: 16

    I like the way they make people do things for them via a positive reward system. A politic I definitely prefer over the usual "We will come after you with rakes and torches" kinda approach we hear from time to time. Let's not hope someone comes along a reward people even more money if they can make Google's systems fail... hmm, I suppose that already exist... hmm, does that mean that this reward from Google doesn't matter as those who can actually make systems fail will always be in front because they get more cash!! Arrr, brain is melting...
  13. fritz123

    fritz123 Newcomer, in training Posts: 56

    it's smart for google in doing so. sometimes you need an outsiders perspective. it's like putting your enemies in your side. im really amazed at google. clap clap clap
  14. TorturedChaos

    TorturedChaos TechSpot Chancellor Posts: 843   +11

    Not a brand new approach by any means, but still a good idea. Wouldn't mind seeing more companies do this. As starfreezer said, its always nice to see people try positive reinforcement for once.
  15. spyx

    spyx Newcomer, in training Posts: 57

    Count me in, first off---google buzz......
  16. theruck

    theruck Newcomer, in training Posts: 44

    who are those "hackers"? do they still exist? :)
  17. sMILEY4ever

    sMILEY4ever TechSpot Enthusiast Posts: 156

    :O I didn't get it but I do now. 1337 text is 1337.
  18. Puiu

    Puiu TechSpot Addict Posts: 1,035   +91

    It would be awesome if microsoft did the same for windows or other products.
  19. klepto12

    klepto12 TechSpot Paladin Posts: 1,364   +9

    i agree with puiu if the bigger companies did this it would be great its really to bad that microsoft and the such don't do this.
  20. hitech0101

    hitech0101 TechSpot Enthusiast Posts: 427   +19

    Google taking a nice step but this did take a long time it seems they had discussed a lot about this move that's the thing with Google they have in depth discussions whether to go ahead or not they.Since they went with it any way they could have done it a lot earlier.
  21. xcelofjkl

    xcelofjkl Newcomer, in training Posts: 86

    Can I be given a bounty for mere suggestions? Aesthetic changes? Functionality changes? He He.


Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.