Google raises bounty on software bugs
Google has paid out about $460,000 since it established the Vulnerability Reward Program through which hackers probe the system for bugs.
Mon, Apr 23, 2012 at 03:37 PM
SAN FRANSISCO — Google on April 23 raised to $20,000 its bounty on software bugs that hackers could exploit for cyber attacks on the Internet giant's online services.
The maximum reward for exposing a vulnerability that would let an intruder's code get up to mischief in a Google datacenter was ramped up from the $3,133.70 payout set when the bounty program launched in November of 2010.
"When we get more bug reports, we get more bug fixes," Google security team manager Adam Mein told AFP. "That is good for our users; that is good for us."
Google has paid out approximately $460,000 since it established the Vulnerability Reward Program.
Of the 11,000 software flaws reported to Google, more than 780 qualified for rewards ranging from $300 to the maximum, a figure selected because the digits translate into a technical term in a hacker programming language.
The bounty was raised to inspire software savants to hunt for difficult-to-find, and potentially perilous, bugs hidden deep in programs, according to Mein.
"We want them to know the reward is there for them if they find the most severe bugs," Mein said.
Bugs found in more sensitive services such as Google smartphone "Wallet" software tends to merit more generous rewards.
People vying for bounties have tended to be computer security professionals; engineering students honing their skills, and website operators, according to Google.
Copyright 2012 AFP Global Edition