Google ups bug bounty in response to Mozilla

In a somewhat unsurprising move, Google today upped the bounty it offers for finding critical security vulnerabilities in its popular Google Chrome web browser. 

The program, which was launched back in January, aims to make the browser as secure and safe as possible by offering rewards to "external researchers". According to the Google post back in January, the company is "rewarding select interesting and original vulnerabilities reported to us by the security research community." And had noted that it "may be seen as a token of [Google's] appreciation."

Slashdot says that, supposedly the bounty being increased is likely due to Mozilla increasing their maximum bounty level to $3000 earlier this week. Google says that the amount will be probably be used for SecSeverity-Critical bugs in Chromium. They also say that "the increased reward reflects the fact that the sandbox makes it harder to find bugs of this severity."

The blog post goes on to point out that the panel will consider rewarding less serious bugs with more money, if the bug reports are of a high-quality. A high quality bug report could include a "careful test case reduction, an accurate analysis of root cause, or productive discussion towards resolution."

Mozilla earlier this week bumped the maximum reward for finding a bug in Firefox/Minefield to $3000. Mozilla's bug reward program was launched in 2004, and has been running for six years.

If you are interested in helping with security bug reporting for Chrome, get started by reading this post. For Mozilla's bug reward program, read this post.
 

Report a problem with article
Next Article

Did Facebook founder give up his ownership stake?

http://www.neowin.net/images/uploaded/droid-2-r2-d2.jpg
Previous Article

Rumor: Droid 2 to launch on August 12 including a special R2D2 edition

6 Comments - Add comment

Advertisement