Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?

Slashdot videos: Now with more Slashdot!

  • View

  • Discuss

  • Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).

Google Bug Open Source Security The Almighty Buck The Internet Technology

Google Broadens Bug Bounties To Include Web App Security 50

Posted by Soulskill
from the invitation-to-break-stuff dept.
n0-0p writes "Google just announced they will pay between $500 and $3133.70 for security bugs found in any of their web services, such as Search, YouTube, and Gmail. This appears to be an expansion of the program they already had in place for Chrome security bugs. 'We've seen a sustained increase in the number of high quality reports from researchers, and their combined efforts are contributing to a more secure Chromium browser for millions of users.' The rules and qualification details were posted today at the Google Online Security Blog."
This discussion has been archived. No new comments can be posted.

Google Broadens Bug Bounties To Include Web App Security

Comments Filter:
  • Does this imply.... (Score:3, Interesting)

    by santax (1541065) on Monday November 01, 2010 @07:02PM (#34096648)
    I can actually 'test' the security of youtube/gmail and such and don't get a party-van in front of my house?
  • Bug economy (Score:5, Interesting)

    by Caerdwyn (829058) on Monday November 01, 2010 @07:39PM (#34096922) Journal

    A story from the past...

    A Former Employer Who Shall Not Be Named had a product about to go golden-master, and wanted every employee in the company to participate in the final round of testing. Then the pointy-haired bosses got an idea! During the last round of testing, they put up a bounty of twenty dollars for each P3, fifty dollars for each P2, and a hundred dollars for each P1 bug found. However, the pointy-hairs decreed QA and Dev were excluded, and in the same breath decreed that QA and Dev would be working overtime.

    An underground economy of bugs immediately sprang up. QA guys would find bugs and quietly share them with tech support/sales engineers/etc. Devs would notice (and it was whispered, though never proven, create) bugs and quietly share them with IT. And the proceeds would be split between the ineligible employees and the eligible.

    Over fifty thousand in bounties were paid. Then the pointy-hairs got wind of what was going on.

    And that was the end of that.

    Irrelevant to the story at hand, though, I'm quite sure...

I cannot draw a cart, nor eat dried oats; If it be man's work I will do it.