Google offers massive cash reward to Chrome hackersby Steven Mostyn - Feb 29 2012, 18:17
Having remained unbroken during the Pwn2Own contest at CanSecWest since 2009, the Chrome browser is having a target painted on its chest this year following news that Google is willing to pay out sizeable cash amount to those who hack through its platform.
According to Google, it will host a CanSecWest competition called Pwnium, during which successful hacks regarding Chrome-specific bugs and flaws will pay out between $20,000 USD and $60,000 USD—up to a combined total of $1 million USD.
Clearly bringing the full weight of its industry positioning to bear, Google’s prize fund far exceeds that offered by computer giant Hewlett-Packard, which is tabling first to third prizes of $60,000 USD, $35,000 USD and $15,000 USD in its Pwn2Own competition.
Although it may seem unusual for industry giants to splash the cash in return for having their creations publicly torn apart, one of Google’s stipulations is that all details regarding successfully exploited hacks are turned over to its security team so they can strengthen Chrome.
“Not only can we fix the bugs, but by studying the vulnerability and exploit techniques we can enhance our mitigations, automated testing and sandboxing,” said Chrome security engineers Chris Evans and Justin Schuh in an official Chromium blog post. “This enables us to better protect our users.”
CanSecWest, Pwn2Own and Pwnium will be held in Vancouver, Canada, between March 7 and March 9.