Google spent a record sum rewarding researchers for hacking its products
Google’s Vulnerability Reward Programs (VRP) have been round since 2010, designed to reward researchers for discovering bugs and flaws that Google may need missed. The initiative has expanded steadily since then to cowl its different products, together with Chrome and Android, and final yr the corporate prolonged its Google Play safety reward arm to incorporate not simply the highest eight apps, however any app that is had greater than 100 million installs. This netted researchers $650,000 in rewards within the second half of 2019 alone. In whole, Google has paid out greater than $21 million since its VRPs had been launched.
It’s a lot of cash, but it surely makes good monetary sense — regardless of its finest efforts Google cannot be on high of each single potential vulnerability, and rewarding benevolent bug bounty hunters is probably going a lot more economical than coping with the fallout of a nefarious hack. Plus, in fact, this system helps to incentivize vivid younger minds into the sector.
It’s hardly shocking, then, that different corporations have adopted swimsuit. Tesla palms out large money prizes — and even automobiles — to anybody that is capable of crack its automobile safety system, whereas Apple‘s bug bounty program affords single payouts of as much as $1 million. As hackers grow to be more and more subtle and know-how continues to permeate each space of our lives, it will not be a shock to anybody to see the worth of bug bounties skyrocketing, and much more corporations launching their very own initiatives.