Slashdot Mirror

← Back to Stories (view on slashdot.org)

Google Releases Chrome 6, Pays $4337 In Bounties

Posted by timothy on from the working-in-the-background dept.

Trailrunner7 writes "Google has released a new version of its Chrome browser and has included more than a dozen security fixes in the update. The new version, 6.0.472.53, was released two years to the day after the company pushed out the first version of Chrome. Google Chrome 6 includes patches for 14 total security vulnerabilities, including six high-priority flaws, and the company paid out a total of $4,337 in bug bounties to researchers who reported the vulnerabilities. A number of the flaws that didn't qualify for bug bounties were discovered by members of Google's internal security team." (Read on for more, below.) Also on the Chrome front, morsch writes "Chrome 7 for Linux is planned to tie in with the Gnome Keyring and the KDE Wallet to securely store saved browser passwords. Users of the stable version of Google's Webkit-based browser might be surprised to find out that, so far, passwords are stored on the hard disk as clear text. On Windows, Chrome has always used a platform-specific crypto API call for encrypted storage. The corresponding Linux function was never implemented — until now. Unstable versions of Chrome 7 still disable the feature by default; it can be enabled using a parameter."

3 of 177 comments (clear)

  1. Are you feeling safe punk ?? by Anonymous Coward · · Score: 0, Troll

    So you removed them all but Google. You're saying to yourself, if google reads my mail, and stores my searches, and takes pictures of where I live, do I feel like I can use their browser? You trust Google knowing this ?? YYu are one fucking idiot !!

  2. Re:Wheel of Bug Chasers! by insufflate10mg · · Score: 1, Troll

    Give ME a break. I can't believe the "bug bounty hunters" would really sell a Google vulnerability for a thousand dollars - I used to mindlessly wipe asses and roll people over for two weeks for that. It's an insult to their intelligence considering the amount of work they put into the penetration-testing/logic analysis involved. An average-sized college internet-portal exploit would be worth $1,000... let alone one of the largest web services company in the world. I think $10,000 is much more appropriate.

  3. Re:warning... haiku by Superdarion · · Score: 0, Troll

    That doesn't have any of the elements of a haiku. It's just a poem, you pompous ass.