Get $500-$1337 for finding Google Chrome bugs (or Firefox if you prefer more...)

Custom Search

Hack in The Box
TechAirlines
Wallpapers
Computer Forensics Boot Camp
Electricity Prices
Texas Electricity
Electricity Rates in Texas
Electric Companies in Texas
Experts Galaxy
NewsApp Portal

[Welcome to SCforum.info - Security [CENTRAL] Forum]

Welcome to SCforum.info - Security [CENTRAL] Forum, a home of the SCF Community devoted to provide Computer related News, Alerts, Downloads and FREE Help in such a way that even the novice computer user can understand.

Getting started using our community is extremely easy, check the two steps below:

Step 1: Create an account by clicking here and wait for approval from Administrator. It's completely free with no hidden strings attached.

Step 2: If you have a computer problem and need some help, or just want to take part in opened discussions, simply browse Forum. Once you *Register an account, you can quickly post your questions and comments.

(*Registered Members get: free support, also, they can communicate privately with other members via PM, removal of this message, see fewer ads and much more...)

[Samker]

Following in the footsteps of Mozilla, Google issued a statement yesterday in their Chromium blog that they are implementing a reward system for developers who find bugs in the Google Chrome web browser in an attempt to lure more users in the Chromium community.

While Mozilla offers up to $500 for bug reports, Google will offer a base reward of $500 to anyone who submits an eligible bug. If a user finds a severe or clever bug, Google will pay up $1337 (surely appealing to all of our inner geeks) to the developer who discovers it.

Flaws must be submitted through the Chromium bug tracker, and all submissions will be considered by a panel of engineers. That includes bugs in Chromium, Chrome and plug-ins such as Google Gears.

The statement claims that some of the most interesting security bugs were discovered by third party developers, and that by offering such an incentive system, the browser wil be more secure. This will also be an ongoing program, with no ending deadline. Participating researchers are asked not to publicly reveal the bug prior to reporting to Google: "responsible disclosure is a two-way street and Google admits their job will be to fix the reported issues in a reasonable time frame."

This is definitely a good thing for open source developers, as there are definitely many open source applications which are maintained by people who receive no money for doing so.

(NeoWin)

More info for Chrome $$$: http://blog.chromium.org/2010/01/encouraging-more-chromium-security.html

More info for Firefox $$$: http://www.mozilla.org/security/bug-bounty.html

[Samker]

Google Pays $3,133 To Researcher For Squishing Bug In Chrome

It seems that Google is very keen to squish bugs in its Chrome browser; so much so in fact that, according to Infoworld, it has paid one researcher $3,133 for finding a single bug. Researcher Sergey Glazunov discovered a flaw related to "stale pointer in speech handling." This apparently affects the code in the application which handles allocation of RAM. Google's Chrome programming manager, Jason Kersey, had this to say:

We’re delighted to offer our first “elite” $3,133 Chromium Security Reward to Sergey Glazunov: http://blog.chromium.org/2010/07/celebrating-six-months-of-chromium.html
Critical bugs are harder to come by in Chrome, but Sergey has done it. Sergey also collects a $1337 reward and several other rewards at the same time, so congratulations Sergey!"

This is the first time that a critical bug has been discovered since Google launched the scheme in December of last year. According to Infoworld, all in all, Google paid Glazunov $7,470, and a total of $14,000 to various researchers including Glazunov.

The browser currently has a 10% share of the market in terms of users, so security is a key priority for Google, as attacks and malware become ever more sophisticated. Google plans to continue the program for the foreseeable future as it provides a key incentive for independent researchers such as Glazunov.

The latest version of Google Chrome can be downloaded from here or via the automatic updates function.

(NW)