Slashdot Mirror

← Back to Stories (view on slashdot.org)

Google Up Ante For Disclosure Rules, Increases Bug Bounty

Posted by kdawson on Tuesday July 20, 2010 @03:03PM from the responsibility-cuts-both-ways dept.

An anonymous reader writes "In a recent post by seven members of their security team, Google lashed out against the current standards of responsible disclosure, and implicitly backed the recent actions of Tavis Ormandy (who is listed as one of the authors). The company said it believed 60 days should be an 'upper bound' for fixing critical vulnerabilities, and asked to to be held to the same standard by external researchers. In another, nearly simultaneous post to the Chromium blog, Google also announced they are raising the security reward for Chrome vulnerabilities to $3133.7, apparently in response to Mozilla's recent action."

5 of 134 comments (clear)

Min score:

Reason:

Sort:

Elite by ceraphis · 2010-07-20 15:13 · Score: 5, Funny

Google also announced they are raising the security reward for Chrome vulnerabilities to $3133.7
That's quite the elite sum of money to use as a reward.
NERDS by Anonymous Coward · 2010-07-20 15:16 · Score: 3, Funny

NERDS!
I just found a bug... by bi$hop · 2010-07-20 15:18 · Score: 5, Funny

Dear Google,

I just found a bug in Gmail. We should talk.

Sincerely,
Chinese Hacker
1. Re:I just found a bug... by gmhowell · 2010-07-20 17:30 · Score: 2, Funny
  
  3000 yuan is a fairly significant amount of money in China.
  Karma be damned, but that's like bragging about being the skinniest kid at fat camp.
  
  --
  Jesus was all right but his disciples were thick and ordinary. -John Lennon
Jeopardy! by jrivar59 · 2010-07-20 15:46 · Score: 3, Funny

I can only conclude that this Jeopardy! winner now works for Google.