Since 2010, Google has been rewarding hackers who find vulnerabilities in their systems. And now, Google wants to offer you a fat check, if you can remotely hack Chromebook. Don’t believe it? Well, Google doesn’t play games.
Google decided to double its price from last year’s $50,000 after no one was able to crack it.
So what’s the catch?
To qualify for the cash, one is must be able to compromise Chromebook from its guest mode and achieve guest to guest persistence, which means that the hacking must withstand a system reboot. Logging via guest mode in Chrome OS works like Chrome Incognito, where most browser apps and extensions are disabled, preventing the retention of cookies and browsing histories. In other words, signing in via guest mode limits the user when it comes to altering anything.
Until now, Google says no one has submitted an entry.
Why is google doing this?
According to developers, Google would consider it as a severe failure on their security if a hacker managed to compromise Chromebook in guest mode, with persistence. So Google wants to know if there exists any potential loopholes.
This is a win-win arrangement as security researchers who invest their time and effort in discovering security shortcomings are rewarded and Googles gets the opportunity to make Chrome OS more secure.
The company also has an extensive range of rewards, ranging from $500 to $15,000 for smaller bugs. If you also provide a well-written patch, you are rewarded with $500-$1,337. It doesn’t end there; Goole will pay hackers who identify other vulnerabilities even if they aren’t official. However, their security panel will determine the rules for qualifying submissions. The reward rules are posted here on Google’s app security page
Google paid a total of $2 million last year to hackers (security researchers) for identifying bugs and providing fixes.
More and more tech companies like Facebook are also starting to offer similar prizes in a bid to reduce system flaws.