Google has been known for it’s bonuses that it pays for real world hackers who find exploits in their products and services, reports them and then replicates them. Bonus payments have often ranged between $1000 and $10,000 with the $10,000 prizes being saved for what Google calls “particularly significant contributions.”
Google initially debuted the bug bounty program in January of 2010 and since then has paid over $900,000 for various bugs and fixes. They’ve also created a hackathon contest of sorts that’s held in March during the CanSecWest security conference. The contest, called Pwnium 4, is a geeky play on the full name of Google Chrome, Chromium.
This year, Business Insider reports, that Google has upped the payouts to $2.71828 million dollars. The amount of the payouts is also a geeky tribute, in this case to the “mathematical constant e”.
The top prize for a hack delivered by a web page that let’s a hacker control a Chrome OS PC even after reboot is a whopping $150,000. Google will also pay $110,000 for other serious holes found in Chrome, and of course they will pay other bonuses for finding smaller exploits.
Last year a hacker that went by the name Pinkie Pie, collected $40,000 at Pwnium 3 for finding a “plausible bug chain involving video parsing, a Linux kernel bug and a config file error.” Pinkie Pie had a flaw in his exploit but Google paid him anyway saying ” we’d like to thank Pinkie Pie for honoring the spirit of the competition by disclosing a partial exploit at the deadline, rather than holding on to bugs in lieu of an end-to-end exploit. This means that we can find fixes sooner, target new hardening measures and keep users safe.”
Of course Google will continue to payout bonuses throughout the year when big exploits are reported to them.
Image: Techspot