Google Backs Chrome with $1m Exploit Bounty

I just love it when a big company with lots of financial resources puts its money where it’s mouth is.

Today, Google basically put a bounty on any exploits of its Chrome browser by offering cash rewards if hackers can find a bone fide exploit.

This does two things:

First, it’s a public display of Google’s belief that Chrome is solid. In other words, you wouldn’t spend a million bucks (even if you have tons of cash) if you knew you had exploits. So this is Google saying, “we know we’re good” and we’ll prove it with this contest.

Next, its a relatively good way to take advantage of “free” resources within the hacking community that Google would otherwise have to pay. In essence, it’s crowd-sourcing the browser and it will compensate any results. Of course if you don’t find an exploit, you don’t get compensated. So basically Google gets to test Chrome without having to pay the testers.

I’m glad Google continues to invest in keeping Chrome malware and exploit free. It’s not something new (paying hackers for exploits), but it’s still a innovative approach.

%d bloggers like this: