ads 728x90

Google offers up to 150.000 $ for a flaw in Chrome OS

Google is very interested in the security of their system Chrome OS. Now that Chromebooks are beginning to realize the scores of interesting sales, the company has an interest in shielding its defenses. She is organizing a contest to find and document faults. And Google gives itself the means of its ambitions.

In addition to the contest Pwn2Own

Google has already done twice competitions safety. Pwnium baptized, they allow security experts and others to consider the defenses of the Chrome browser to find faults. If gaps are found and properly exploited, Google pays in hard cash. The amount depends on the degree of exploitation and danger of the fault.

This year's CanSecWest conference will be held from 6 to 8 March in Vancouver. As always, it will host a contest called Pwn2Own security in which all browsers should be undermined. It is an important meeting to take stock of the level of security offered by each browser. However, Google will be present at this competition, the content of its own competition Pwnium be changed this time.

Up to 150 000 dollars for a vulnerability exploited and documented

As stated in a post on Google's blog, this time aimed Pwnium Chrome OS. With an increasing number of machines in the direction of several manufacturers and an increase in sales, the operating system may clearly attract attention. To attract hackers and security researchers, Google will also do not mince words: the rewards are much greater than those usually awarded.

More than three million will be distributed in total. The degree of rewards depends on the type of fault, but the exploitation and hence compromise the system must always be part of the demonstration:

  • For a flaw in the browser or system compromise in guest mode or a user connected, operated via a web page: 110 000 $.
  • For a vulnerability exploited and persistent invited guest, with a reboot meantime:150 000  $.

 Demonstrations will be made on a Samsung 5550 Series equipped with the latest stable release of Chrome OS. All components of the system can be used without limit, including the Linux kernel itself and drivers.

Google insists on an essential point: whatever the fault, it must be known. It must be documented and the method should be clearly explained. If several faults are used in a chain, the rule remains the same.

Obviously, it is for Google Chrome OS to attract people who can shine a light on his fairly crude system. Offering large sums of money, the firm can hope to motivate crowds and profits are very real: more vulnerabilities will be found in this way, Chrome OS will be less likely to be a vector of farms developed.

Google offers up to 150.000 $ for a flaw in Chrome OS Google offers up to 150.000 $  for a flaw in Chrome OS مراجعة من قبل fortech في 7:00 م تصنيف: 5