• Home
  • News
  • Reviews
  • Digital technology
  • Cloud
  • Data analytics
  • Digital leaders
  • IoT
  • Opinion
  • Events
  • Whitepapers
  • SMB Spotlight
  • Newsletters
  • Sign in
  • Events
    • Upcoming events
      event logo
      Big Data Virtual Summit

      The Big Data Virtual Summit will comprise expert keynotes, real world case studies and interactive discussion panels led by senior IT practitioners who will share their tips for Big Data technologies and data management strategies.

      • Date: 19 Oct 2016
      • Online
      event logo
      V3 Technology Awards

      2016 V3 Awards

      • Date: 25 Nov 2016
      • London
      View all events
      Follow V3 Events

      Sign up to receive email alerts about our events

      Sign up
  • Whitepapers
    • V3-resources-120x194
      Leveraging data for small businesses

      The most successful businesses are those with confidence in their ability to store, access and use data effectively.  Rather than focusing on the nuts and bolts of storage, this view point looks at the data it holds and more importantly, what can be done with it.

      Download
      V3-resources-120x194
      Getting the SMB network just right

      This review looks at why small businesses need to stop being complacent about their networks and at what they can do to maintain their competitive edge as they follow the big boys down the route of increasing collaboration and other bandwidth-hungry applications likely to impact on network performance and availability.

      Download
      Find whitepapers
      Search by title or subject area
      View all whitepapers
  • SMB Spotlight
  • Sign in
  •  
    •  

      Personalise your on site experience

      Download and use the apps

      Access your subscription from outside of the office

      Get relevant news and insight straight to your inbox

      Forgot your password?
     
     
      • Saved articles
      • Newsletters
      • Apps
      • Account details
      • Contact support
      • Sign out
     
  • Follow us
    • RSS
    • Twitter
    • Newsletters
    • Facebook
    • YouTube
    • Apps
  • Register
  • News
  • Reviews
  • Digital technology
  • Cloud
  • Data analytics
  • Digital leaders
  • IoT
  • Opinion
 
  •  

    Personalise your on site experience

    Download and use the apps

    Access your subscription from outside of the office

    Get relevant news and insight straight to your inbox

    Forgot your password?
 
 
    • Saved articles
    • Newsletters
    • Apps
    • Account details
    • Contact support
    • Sign out
 
V3.co.uk
  • Security

Google adds Android and Apache to open source security rewards programme

Firm confirms more technologies for new security programme

First Shellshock malware emerges
  • Dan Worth
  • Dan Worth
  • @danworthV3
  • 20 November 2013
  • Tweet  
  • Facebook  
  •  
  •  
  • Save this article  
  • Send to  
0 Comments

Google has extended its Patch Reward Program to include a raft of new platforms and technologies including its own Android system as it looks to improve the securiry of open source software.

The firm announced an overhaul to its security patch policies last month, offering white hats up to $3,133 for fixes.

Google said this would be extended to more platforms before the end of the year and information security engineer for Google Michal Zalewski confirmed the new areas covered by the programme in a blog post.

"The goal is very simple: to recognise and reward proactive security improvements to third-party open-source projects that are vital to the health of the entire internet," he wrote in the post. “We started with a fairly conservative scope, but said we would expand the program soon.”

Zalewski listed the new areas covered as: Android, Apache httpd, lighttpd, nginx, Sendmail, Postfix, Exim, GCC, binutils, llvm, and OpenVPN.

This is almost identical to the original list set out by Google, although it includes some additional platforms. These are: "Network time: University of Delaware NTPD", "Additional core libraries: Mozilla NSS, libxml2" and "Toolchain security improvements for GCC, binutils, and llvm".

The announcement comes at a busy time for security reward programmes after Yahoo was humbled into improving its own service by offering $15,000, rather than t-shirts and caps. Microsoft has also improved its programme to provde payments of up to $100,000 for early alerts about active cyber incidents.

This allows security professionals to benefit from spotting attacks in the wild, rather than finding their own methods for breaking into systems.

  • Tweet  
  • Facebook  
  •  
  •  
  • Save this article  
  • Send to  
  • Topics
  • Security
  • Web
  • Open Source
  • Google
  • Yahoo
  • Microsoft

V3 Latest

Edward Snowden NSA Prism whistleblower
Snowden points finger at Russia over NSA hack

Tweets offer possible cause for major hack

  • Government
  • 16 August 2016
Cloud computing
IBM beats AWS and Azure in seven-year Workday cloud deal

Deal suggests still market left to play for

  • Cloud Computing
  • 16 August 2016
Hacker
NSA hack sees information up for auction in major security incident

Shadow Brokers hacker group claims responsibility

  • Security
  • 16 August 2016
TechEd 2014 Microsoft logo
Microsoft to issue Windows 7 and 8.1 updates together

Firm claims move will make life easier for admins

  • Operating Systems
  • 16 August 2016
blog comments powered by Disqus
Back to Top

Most read

Surface Book fulcrum hinge
Microsoft Surface Book 2 release date, specs and price rumours
Sage at Accountex
Sage breach exposes personal data of staff at 280 companies
Cloud computing
IBM beats AWS and Azure in seven-year Workday cloud deal
Microsoft Windows 10 on a laptop
Windows 10 Anniversary Update: 8 ways to tackle problems caused by latest release
Galaxy Note 7 render
Samsung Galaxy Note 7 release date, price, specs and features
  • Contact
  • Marketing solutions
  • Enterprise IT Events
  • About Incisive Media
  • Terms & conditions
  • Privacy policy
  • RSS
  • Twitter
  • Newsletters
  • Facebook
  • YouTube
  • Apps

© Incisive Business Media Limited

© Incisive Business Media (IP) Limited, Published by Incisive Business Media Limited, Haymarket House, 28-29 Haymarket, London SW1Y 4RX, are companies registered in England and Wales with company registration numbers 9177174 & 9178013

Digital publisher of the year 2010, 2013 & 2016

Digital publisher of the year 2010, 2013 & 2016