Slashdot Mirror


Google To Pay $500 For Bugs Found In Chromium

Trailrunner7 writes to mention that a new program from Google could pay security researchers $500 for every security bug found in Chromium. Of course if you find a particularly clever bug you could be eligible for a $1337 reward. "Today, we are introducing an experimental new incentive for external researchers to participate. We will be rewarding select interesting and original vulnerabilities reported to us by the security research community. For existing contributors to Chromium security — who would likely continue to contribute regardless — this may be seen as a token of our appreciation. In addition, we are hoping that the introduction of this program will encourage new individuals to participate in Chromium security. The more people involved in scrutinizing Chromium's code and behavior, the more secure our millions of users will be. Such a concept is not new; we'd like to give serious kudos to the folks at Mozilla for their long-running and successful vulnerability reward program."

5 of 175 comments (clear)

  1. Re:Nice idea, but limited scope by causality · · Score: 0, Redundant

    You've got it backwards. She was providing context, not removing it. The original full quote was:

    "We will typically focus on High and Critical impact bugs, but any clever vulnerability at any severity might get a reward."

    Amazing how the mods will go with the GP's (incorrect) take on things rather than take the 800 milliseconds necessary to see for themselves that it was not a "Troll" post, as it is currently modded. Carelessness 1, High-quality Moderation 0. Shocking, I tell you, shocking.

    --
    It is a miracle that curiosity survives formal education. - Einstein
  2. Obligatory Dilbert Quote by nobodyman · · Score: 0, Redundant
  3. Re:No adblock plus by Chameleon+Man · · Score: 0, Redundant
  4. Re:No adblock plus by jrbrtsn · · Score: 0, Redundant

    AdBlock for Chrome! Blocks ads all over the web

    I'm using it right now, and works as good as adblock+ in Firefox.

  5. No $500 for you, & here is why: A BETTER WAY by Anonymous Coward · · Score: -1, Redundant

    1.) HOSTS files eat no CPU cycles like browser addons do no less!

    2.) HOSTS files are also NOT severely LIMITED TO 1 BROWSER FAMILY ONLY... browser addons, are. HOSTS files cover & protect (for security) and speed up (all apps that are webbound) any app you have that goes to the internet (specifically the web).

    3.) HOSTS files allow you to bypass DNS Server requests logs (via hardcoding your favorite sites into them to avoid not only the TIME taken roundtrip to an external DNS server, but also for avoiding those logs OR a DNS server that has been compromised (see Dan Kaminsky online, on that note)).

    4.) HOSTS files will allow you to get to sites you like, via hardcoding your favs into a HOSTS file, FAR faster than DNS servers can by FAR.

    5.) HOSTS files also allow you to not worry about a DNS server being compromised, or downed (if either occurs, you STILL get to sites you hardcode in a HOSTS file anyhow in EITHER case).

    6.) HOSTS files are EASILY user controlled, obtained (for reliable ones -> http://en.wikipedia.org/wiki/Hosts_file ) & edited too.

    7.) HOSTS files aren't as vulnerable to "bugs" either like programs/libs/extensions of that nature are, OR even DNS servers.

    8.) HOSTS files are a solution which also globally extends to EVERY WEBBOUND APP YOU HAVE

    9.) HOSTS files are also EASILY secured well, via write-protection "read-only" attributes set on them, or more radically, via ACL's even.

    10.) ADBLOCK DOES NOT ALLOW A USER DIRECT EASILY EDITABLE CONTROL OVER WHAT IT BLOCKS & HOSTS do, via texteditors like notepad.exe (afaik, @ least - feel free to correct me IF I am in error here (thanks)).

    APK