Mozilla has recently upped its bug bounty -- meaning that any critical security bug you found and disclosed to Mozilla could net you a cool $3000.
Not to be outdone, Google has just announced that it will be awarding up to $3133.7 for critical bugs. This is not only $133.7 over what Mozilla offers, but also an obvious play on the word 'elite' in h4x0r-speak. It's also a typical example of Google's nerdy sense of humor.
If you look at the bigger picture, as ThreatPost has done in their coverage of the issue, you will see that this actually represents the beginning of a paradigm shift in the security world. Up until now, 'security researchers' (which is, pretty much, a clean name for hackers) had a tough moral dilemma: Do I take this security hole to Microsoft (or Google, or Mozilla, or Apple) and quietly wait until they fix it while getting little to no pay and recognition? Or do I go to the black market and sell it to an evil group who will give me $50,000 and use it to publish a zero-day exploit that takes the world by storm?
This is a tough call for some to make, but fortunately, Google and Mozilla are making it a bit easier to be 'the good guy.' Hopefully, other companies will follow suit.
Google now awards bug hunters up to $3133.7 for Chrome bugs originally appeared on Download Squad on Wed, 21 Jul 2010 08:15:00 EST. Please see our terms for use of feeds.
No comments:
Post a Comment