Hacking contests are a great way for tech companies to discover security flaws that may otherwise go undetected (or worse, unreported and exploited by nefarious types). Bug bounty programs serve as a solid first step in getting independent security researchers to help out but sometimes, a massive prize pot – like what Google is offering in its new Project Zero Prize – can be even more effective.
Project Zero exploit enthusiast Natalie Silvanovich notes that the goal of the contest is to find a vulnerability or bug chain that achieves remote code execution on multiple Android devices – specifically, the Nexus 6P and Nexus 5X – knowing only the phone number and e-mail address associated with each device.
A contest participant can only open an e-mail in Gmail or an SMS in Messenger – outside of this, no other user interaction with the devices is allowed.
The contest, which runs through March 14, 2017, will see the first winning entrant take home a whopping $200,000. Second place is good for $100,000 and Google says at least $50,000 will be awarded to additional winning entries.
In terms of prize money, it’s kind of like a bug bounty program on steroids.
Given the structure of the contest and the fact that whoever submits a winning entry first wins, those interested in participating should get to work ASAP. Official contest rules can be found over on the Project Zero website.