Google Expands Bug Bounty to Youtube, Blogger, Orkut and other Google Services

By on Nov 6, 2010 in Desktop, Internet, Programming, Software, Technology Comments

Google announced this week that they are expanding coverage of their vulnerability reward program to other Google-based services like Youtube, Blogger, Orkut and Gmail.

On their Google Online Security Blog they explained that in this program Google would pay security researchers who discreetly disclose software flaws of the Google products to Google researchers so that the company can properly assess the damage and provide a fix. Initially this reward program covers the bug reports for Google Chrome browser but given the program’s success the company decided to include other popular Google products as well.

The scope of the bug that may be reported includes but is not limited to the following: cross-site scripting, bypassing authorization controls, and server-side code execution or command injection. Qualified bugs have a base reward of USD 500, but rewards can go up to USD 3,133.7 if they are severe or unusually clever (the figure 3.1337 is the leetspeak for the word Elite). The announcement also suggests that if the security researchers are not interested in the money they can donate it to their chosen charity and Google will match the amount of donation.

Google also clarified that the program scope does not include bugs for Google’s client applications like Android, Picasa and Google Desktop.

Spread The News!

Tags: , , , , , ,


Related News

What's On Your Mind?