Google's Bug Bounty for a Chromebook Hack Rises to $100,000

by Ostatic Staff - Mar. 15, 2016

We've reported a few times on bug bounties--cash prizes offered by open source communities to anyone who finds key software bugs--ranging from bounties offered by Google (for the Chrome browser) and Mozilla. This open method of discovering security vulnerabilities has been embraced at Google, especially. In fact, Google has offered up as much as $1 million to people who identify key vulnerabilities in the Chrome browser.

Now, Google is leveraging bug bounties to help identify and cure problems in its Chrome OS platform, which is a growing cloud-centric platform. The company has doubled the bounty it will pay for a successful exploit of its Chromebook laptop to $100,000, and that is sure to attract some effective exploits.

The reward--nothing to shake a stick at--will go to the person who finds a persistent compromise of a Chromebook in guest mode, according to Google's security blog.

According to the post:

"Since 2010, we've happily rewarded researchers who find and report security issues to us through Google’s Security Reward Program. Last year, Google paid researchers more than $2,000,000 for their work to make Google users safer."

"Last year we introduced a $50,000 reward for the persistent compromise of a Chromebook in guest mode. Since we introduced the $50,000 reward, we haven’t had a successful submission. That said, great research deserves great rewards, so we’re putting up a standing six-figure sum, available all year round with no quotas and no maximum reward pool."

 Security, of course, has been a calling card for Chrome OS. Software updates are applied automatically , Web pages and applications in sandboxes, and each time you boot a Chromebook, there are verification and authentication routines run.

"We look forward to seeing some amazing bugs," the Chrome team reports.