Google offers cash for finding Web security holes

Taking a page from the Chrome playbook, Google has launched a program to encourage outsiders to find security vulnerabilities in its Web properties.

Under the Chrome vulnerability-finding bounty program, the company already has been paying varying sums to those who locate holes in the browser. Also part of the package has been mention on the Chromium security hall of fame and a public thank-you to those providing Google with sustained security help.

The duplication of the initial program is geared to uncover "any serious bug which directly affects the confidentiality or integrity of user data," members of Google's security team said in a blog post yesterday. Payments are commensurate with the seriousness of the vulnerability and include $500, $1,000, $1,337, and $3,133.70 (that's "leet" and "eleet" for the leetspeak-impaired).

"We are announcing an experimental new vulnerability reward program that applies to Google Web properties," the security team said. "As well as enabling us to thank regular contributors in a new way, we hope our new program will attract new researchers and the types of reports that help make our users safer."

Read more -here-

• Google releases emergency fix for new Chrome zero-day flaw
• Disney+, Hulu and Max team up for streaming bundle package
• OpenAI is reportedly working on a search feature for ChatGPT
• TikTok, ByteDance sue to block US law seeking sale or ban of app
• OpenAI partners with Stack Overflow to make models better at coding
• Dropbox breach exposes customer credentials, authentication data