Google are SUPREMELY confidence about the integrity of their Chrome Browser.
They are offering up to $1 million in cash and Chromebooks in exchange for revealing the flaws.
“The aim of our sponsorship is simple: we have a big learning opportunity when we receive full end-to-end exploits. Not only can we fix the bugs, but by studying the vulnerability and exploit techniques we can enhance our mitigations, automated testing, and sandboxing. This enables us to better protect our users,” the Google Chrome security team wrote in a blog post.
$60,000 – “Full Chrome exploit”: Chrome / Win7 local OS user account persistence using only bugs in Chrome itself.
$40,000 – “Partial Chrome exploit”: Chrome / Win7 local OS user account persistence using at least one bug in Chrome itself, plus other bugs. For example, a WebKit bug combined with a Windows sandbox bug.
$20,000 – “Consolation reward, Flash / Windows / other”: Chrome / Win7 local OS user account persistence that does not use bugs in Chrome. For example, bugs in one or more of Flash, Windows or a driver. These exploits are not specific to Chrome and will be a threat to users of any web browser. Although not specifically Chrome’s issue, we’ve decided to offer consolation prizes because these findings still help us toward our mission of making the entire web safer.
Onuora Amobi is the Founder and VP of Digital Marketing at Learn About The Web Inc. Onuora has more than a decade of information security, project management and management consulting experience. He has specialized in the management and deployment of large scale ERP client/server systems.
In addition to being a former Microsoft MVP and the founder and editor of EyeOnWindows.com, he is the CEO of a Pasadena based online marketing education startup - Learn About The Web Inc. (www.learnabouttheweb.com).