Wednesday, 17 June 2015

Google Will Pay Researchers For Android Leaks

After reward programs for Chrome and other Google products, the Internet giant is now paying researchers for bug reports in Android . In addition there are rewards distributed to researchers who develop patches making the entire ecosystem safer.

The highest remuneration shall be for researchers who know how to circumvent the security of the Android platform and the sandbox security. For small leaks Google pays $ 500, while critical vulnerabilities are worth $ 2,000. If the investigator in addition to leak a patch and compatibility test suite (CTS) develops is paid $ 8,000. A series of exploits that an app or an attacker with physical access to the kernel can compromise providing $ 10,000. In case the verified boot is compromised researchers receive $ 20,000.

Is an attack carried out remotely, wait for an amount of $ 30,000. The reward program applies to vulnerabilities in the latest versions of Android Nexus phones and tablets that are currently offered in the US Google Store. It still comes to the Nexus and Nexus 6 9. "Open security research is a strong point of the Android platform. The more security research focuses on Android, the safer it will be," said Android security engineer Jon Larimer.

No comments:

Post a Comment