Access member only content, take part in discussions with comments on blogs, news and reviews and receive all the latest security industry news directly to your inbox. Join now for free.
Processing registration... Please wait.
This process can take up to a minute to complete.
A confirmation email has been sent to your email address - SUPPLIED EMAIL HERE. Please click on the link in the email to verify your email address. You need to verify your email before you can start posting.
If you do not receive your confirmation email within the next few minutes, it may be because the email has been captured by a junk mail filter. Please ensure you add the domain @scmagazine.com.au to your white-listed senders.
Google will raise the value of prizes at its next Pwnium competition to be held at the upcoming Hack in the Box conference in Malaysia.
The company will increase the bounties it pays researchers who discover vulnerabilities in Chromium, the open-source framework on which the Chrome web browser is based.
It will hand out $2 million in payoffs at the hacking conference including $US60,000 for researchers who pull off a "full Chrome exploit," which involves an attack that leverages only vulnerabilities in the Chrome browser.
The internet giant also is giving away $US50,000 for a "partial Chrome exploit," which requires the use of bugs in third-party software.
"Exploits should be demonstrated against the latest stable version of Chrome," Google software engineer Chris Evans said.
"Chrome and the underlying operating system and drivers will be fully patched and running on an Acer Aspire V5-571-6869 laptop (which we'll be giving away to the best entry.) Exploits should be served from a password-authenticated and HTTPS Google property, such as App Engine. The bugs used must be novel i.e. not known to us or fixed on trunk. Please document the exploit."
Google launched the Pwnium contest in March at the CanSecWest hacker conference in Vancouver, at which it offered $US1 million in prizes.
It also announced it is adding $US1000 to its base bounty for Chromium vulnerabilities, doubling the previous value.
Evans said the company is augmenting the reward because it has noticed a dip in submissions to the bounty program, which launched in January 2010.
"This signals to us that bugs are becoming harder to find, as the efforts of the wider community have made Chromium significantly stronger," he wrote.
This article originally appeared at scmagazineus.com
To begin commenting right away, you can log in below or register an account if you don't yet have one. Please read our guidelines on commenting. Offending posts will be removed and your access may be suspended. Abusive or obscene language will not be tolerated. The comments below do not necessarily reflect the views or opinions of SC Magazine, Haymarket Media or its employees.