Google’s bug bounty program: Barbarians at the gate

Google will reward hackers who find vulnerabilities using scripting language or injecting code onto a Web page

By Ian Paul, PC World |  Internet, bug bounty, bugs

Google has run a similar vulnerability program for close to a year for its Chromium Web browser open source project. Hackers are invited to find weaknesses in Chromium (the browser where new code for Google's Chrome browser is tested), and earn a cash reward and credit for their find. The concept was inspired by a similar program run by the Mozilla Foundation (makers of the Firefox browser).

Although Google's Web apps are not open source software, the bounty program also adheres to the philosophy of open source projects that the more eyes you have looking at something, the more likely you are to find flaws and improve it.

Why is the top bounty $3,133.70?

Hackers can be rewarded anywhere from $500 to $3,133.70 for finding a flaw in Google's Web apps. The company doesn't say why the top prize is such a strange number, but Google is well known for embedding geeky jokes into its products and services. The original Chromium bounty, for example, was $1,337, a nod to the code system Leet.

Leet replaces letter with numbers to let users send "secret" messages to each other. In Leet, 1337 corresponds to LEET, and 31337 would be ELEET (elite). If you've got any other guesses as to why Google chose $3,133.70 as its top bounty let us know in the comments.

Ultimately, Google's Bug Bounty program should not affect regular users and may even improve security for the Google products you use every day. Not a bad idea considering Google had to deal with suspected attacks from hackers based in China this year.

Connect with Ian ( @ianpaul ) on Twitter.


Originally published on PC World |  Click here to read the original story.
Join us:
Facebook

Twitter

Pinterest

Tumblr

LinkedIn

Google+

Answers - Powered by ITworld

ITworld Answers helps you solve problems and share expertise. Ask a question or take a crack at answering the new questions below.

Join us:
Facebook

Twitter

Pinterest

Tumblr

LinkedIn

Google+

Ask a Question