In an attempt to entice more security researchers, Google has doubled its initial offering to USD $100,000. The American firm is offering the reward in order to find security vulnerabilities on its Chrome-running laptop. The said device is called the Chromebook, its operating system based on the browser “Chrome,” hence the name.
One thing we can say about Google is that it is a bit more careful than most companies nowadays. Maybe more companies are the same as the American firm in valuing security measures; however, it is more vocal than most. It is not a secret that Google is always looking out for ways that might compromise or cripple its software; according to Inquisitr, having bounty rewards for hacking into its system is pretty common for Google.
Since 2010, the search engine has been encouraging and willingly offering rewards to hackers who have found security vulnerabilities in either its hardware or software. So it was not a surprise that it has called on hackers to crack its Chromebook’s security system last year. However, such call was left unanswered. Business Insider reports that because of these, the tech giant has decided to double its reward from the $50,000 bounty to $100,000.
The price, of course, only applies to cracking its so far “un-crackable” laptop. They do have other rewards for finding bugs on other systems, which start from $500 USD, or $1,337 USD if one provides a fix to the bug they have discovered. On a short note, do you know that the amount’s digit appears similar to the word “leet,” which is a hacker slang that means “elite hacker?” Guess Google’s sense of humor is not that bad.
Discovering vulnerabilities on its hardware and software also warrants a reward despite having an official bounty, if the submission qualifies based on its rules. There is no known official list of bounty rewards though and no official list of vulnerability discoveries has ever been published (so far!) or a list of rules regarding checking the company’s vulnerabilities.
With the latest official bounty offering comes a few requirements hackers have to comply with in order to qualify for the 100K reward. The announcement of the bounty, which is posted on the rewards page of Google, reads, “We have a standing $100,000 reward for participants who can compromise a Chromebook or Chromebox with device persistence in guest mode, i.e., guest-to-guest persistence with interim reboot, delivered via a web page.”
It means that you have to hack the Chromebook remotely over the web while the laptop in question is on “guest mode,” which undoubtedly is the mode laptops and computers have their defenses up. ZDNet also adds that the bounty is rewarded if the attacker’s code sticks around the device even after being rebooted and affects “subsequent guest mode sessions.”
This could prove challenging, as a Chromebook’s guest mode is locked-down, as it was designed to support device-sharing. Meaning at the end of a session, browser data and cookies are vanished to protect the owner’s Chrome profile from tampering attacks. So far, no one seemed to have cracked it, and while the team behind the laptop’s security is happy, they want to make sure which brings us to the recent reward bounty.
Google security team members said that “great research deserves great awards, so we’re putting up a standing six-figure sum, available all year round with no quotas and no maximum reward pool.” With that said, we say happy hunting!
For more technology news, you can subscribe to our newsletter. If you are a social media junkie and would like to receive updates on your timeline, then you can also like us on Facebook or follow us on Twitter.