Forgot your password?
typodupeerror
Bug Google Security The Almighty Buck

Google Multiplies Low-Tier Bug Bounties By Factor of Five 29

Posted by Soulskill
from the all-about-the-william-mckinleys dept.
Trailrunner7 writes "Google's bug bounty program has been one of the more successful reward systems of its kind, and the company has regularly modified and expanded the program over the years to keep pace with what's going on in the industry. Google also has increased the rewards it offers for certain kinds of vulnerabilities several times, and the company is doing it again, raising the lower reward level from $1,000 to $5,000. This is the second major reward increase in the last couple of months. In June the company jacked up the amount of money it pays for cross-site scripting vulnerabilities in Google web properties to $7,500, and also raised the reward for authentication bypasses to that same level. Now, Google is giving researchers more incentive to find significant vulnerabilities in its Chrome browser."
This discussion has been archived. No new comments can be posted.

Google Multiplies Low-Tier Bug Bounties By Factor of Five

Comments Filter:
  • Re:more incentive? (Score:4, Insightful)

    by webnut77 (1326189) on Tuesday August 13, 2013 @04:19PM (#44557311)

    Isn't this just going to get people to sit on their bugs until the prize money goes up again? Obviously not right now, since an increase just happened, but in a few years; it wouldn't surprise me to see a fall-off in the number of bugs reported, followed by a very sudden increase after the next increase.

    It's a risk. There's always the possibility that someone else will find the same bug you do and cash in first.

  • Interesting (Score:4, Insightful)

    by g0bshiTe (596213) on Tuesday August 13, 2013 @05:17PM (#44558109)
    "giving researchers more incentive"

    Or conning people into using Chrome in the hopes they will find a nice bug and collect the bounty.

The first version always gets thrown away.

Working...