In Under 10 Hours, Google Patches Chrome To Plug Hole Found At Its Pwnium Event 113
An anonymous reader writes "Last night, Google held its Pwnium 2 competition at Hack in the Box 2012, offering up a total of $2 million for security holes found in Chrome. Only one was discovered; a young hacker who goes by the alias 'Pinkie Pie' netted the highest reward level: a $60,000 cash prize and a free Chromebook (the second time he pulled it off). Google today patched the flaw and announced a new version of Chrome for Windows, Mac, and Linux."
I do wonder (Score:5, Interesting)
How hard Pinkie Pie had to fight not use their real name, or if Google just let it slide.
Crack on demand (Score:4, Interesting)
Good to see (Score:4, Interesting)
Looks like Google is keeping it's hacker culture alive rather than becoming a slow moving behemoth like their competitors.
Non-existant QA? (Score:5, Interesting)
While the turn-around time is impressive, it could not possibly have undergone extensive QA testing...
I understand that some bugs can have such OBVIOUS solutions - what could POSSIBLY go wrong with the fix???
Getting people to work for you for free/cheap (Score:4, Interesting)
Factoring all overheads (e.g. HR, office space, equipment), how much would a company like Google have to pay to hire a security team to do the amount of security testing work done collectively at this "competition"? Well above $2,000,000. A whole bunch of people do free testing, and one guy gets $60,000 'and a free Chromebook, wow' - not that impressive an amount, considering the amount of self-training and self-development you have to put it in to reach that level of expertise, and the amount of time needed to find a security problem. $60K is, what, maybe 6 months salary of hiring a person of that skill level to do similar work .. when you factor in overhead costs, maybe even just 3 or 4 months worth (Google would probably have been very lucky to hire someone to find that bug for that cost). Come on Google, you can afford to pay people properly for such valuable work .. I don't like these cheap tricks that companies like Google use to effectively get people to work for them for free or peanuts.