Google paying bounties for finding security holes in Android
Google has expanded its Patch Reward Program and will now reward those who help fix flaws in Android’s code.
Google is now offering bounties to those who find security holes in Android’s code. As explained in a blog post on the Google Online Security blog, the Patch Rewards Program has expanded to include the mobile platform of Android.
Those who find, patch, and report the vulnerabilities can earn anywhere from a few hundred dollars ($500) up to thousands ($3,133.70) of dollars. In some cases, Google will go considerably further and dole out bigger rewards. Heck, just last week someone going by the handle of Pinkie Pie netted themselves $50,000 for helping bring to attention a security hole in Chromium.
About a month ago, we kicked off our Patch Reward Program. The goal is very simple: to recognize and reward proactive security improvements to third-party open-source projects that are vital to the health of the entire Internet. We started with a fairly conservative scope, but said we would expand the program soon. Today, we are adding the following to the list of projects that are eligible for rewards:
- All the open-source components of Android: Android Open Source Project
- Widely used web servers: Apache httpd, lighttpd, nginx
- Popular mail delivery services: Sendmail, Postfix, Exim, Dovecot
- Virtual private networking: OpenVPN
- Network time: University of Delaware NTPD
- Additional core libraries: Mozilla NSS, libxml2
- Toolchain security improvements for GCC, binutils, and llvm
You might also like
Skype is a very inconsistent experience, especially when compared to it’s iOS counterpart. It seems, however, that Skype are fully aware of this. They just took to their blog to
The age of Android 3.0 begins today with the release of the Motorola XOOM. Grab the 10.1-inch tablet at a Verizon store near you!
The CM team has released their latest release candidate for CyanogenMod 10.1, RC3. According to their post on Google+, the RC3 release is a “small, incrimental change” from RC2, with