platform. The identified software bugs could let attackers compromise
mobile phones, cars, tablets and other gadgets backed by the search
giant’s mobile operating system.
Android security researchers are making serious money detecting
software bugs in the operating system. Going forward, the Mountain View
internet firm said that it will now award 33 percent more for high-quality
bug reports with proof of concept. This means a report on critical
security issues with proof of concept will now be awarded $4,000 instead
of $3,000. The update affects all bug reports filed after June 1, 2016.
Android Researchers Get Over $550,000 From Google For Finding Bugs
The Alphabet subsidiary started its Android Security Rewards program
in June 2015, awarding cash to hackers who find security issues in its
mobile OS as well as Nexus phones and tablets. Google
is significantly raising cash rewards for the program’s second year.
According to CNET, the company will now award $50,000 up from $30,000
for finding bugs.
The impressive $550,000 amount is actually over double the figure big
G announced early this year. Nonetheless, the company is celebrating
the program’s first anniversary by increasing the stakes even further.
Google’s Android
bug bounty program, which started last year, has so far paid out a
total of $550,000 to hackers. In the past year, the Internet giant has
received over 250 security issues related to its mobile operating
system. PC Magazine reports that 2016’s top researcher, @heisecode, was
awarded $75,750 for 26 reports, and 15 individuals were awarded $10,000
or more.
Finding and fixing security flaws could greatly improve Android’s
security. According to Engadget, participants are also encouraged to
report vulnerabilities outside the OS. The search behemoth revealed that
over a quarter of flaws were reported in code developed and used
outside the mobile platform’s open source project.
Security vulnerabilities can be used to gain access to other computer
systems and obtain personal data. Google said in a blog post that
finding and squashing device driver and kernel bugs help improve
security of the broader mobile industry.
Bug bounty programs from software companies are not the only way to
make money from security holes. The Federal Bureau of Investigation
(FBI) reportedly paid nearly $1 million for a hack that allowed access
to an iPhone used by one of the shooters in the San Bernardino terror
attack last December.
The search giant paid 82 individuals more than $550,000 in the last
year for finding bugs in the Android operating system. That means Google
paid an average of $2,200 per reward and $6,700 per security
researcher. The company also has similar bug bounties for Chrome and its
other services, and has paid out over $1 million in rewards.
0 Comments:
Post a Comment
Your comment and facebook share will be appreciated