Google has doubled the bounty for anyone that successfully hacks its Chrome OS to $100,000.
Last year, Google introduced a $50,000 bug bounty reward for the persistent compromise of a Chromebook in guest mode. But the company’s security team says it has not received a single successful submission and has therefore decided to up the ante to $100,000 (around £70,000).
"Since we introduced the $50,000 reward, we haven’t had a successful submission," Google said in a blog post. "That said, great research deserves great awards, so we’re putting up a standing six-figure sum, available all year round with no quotas and no maximum reward pool."
Google describes what is needed for the top reward: the compromise, delivered through a web page, must persist in guest mode even when the Chromebook is rebooted.
As part of its expanded bug bounty programme, Google has also added a Download Protection Bypass bounty, which means it's offering cash money rewards for methods that bypass Chrome’s Safe Browsing download protection features. The reward for this is a mere $1,000, though.
There are three qualifying rules in place:
- Google will only accept reports about issues that it is unaware of. In a case of multiple reports on the same issue, the first submission will be considered as the first bug report.
- Security bugs disclosed to other parties in the context of fixing the issues will qualify for the reward, but if the information is shared to mislead or for any other reason, the applicant will be rejected then and there.
- Under the “Trusted Researcher Program”, if any developer finds a bug and Google itself is unable to find the same bug within 48 hours, only then the developer will be entitled to the reward.
So far, Google boasts, it has paid out more than $2m in bug bounty rewards.
To hear more about security challenges, the threats they pose and how to combat them, sign up for V3's sister site Computing's Enterprise Security and Risk Management conference, taking place on 24 November.
Cotton seedling freezes to death as Chang'e-4 shuts down for the Moon's 14-day lunar night
Fortnite easily out-earns PUBG, Assassin's Creed Odyssey and Red Dead Redemption 2 in 2018
Meteor showers as a service will be visible for about 100 kilometres in all directions
Saturn's rings only formed in the past 100 million years, suggests analysis of Cassini space probe data
New findings contradict conventional belief that Saturn's rings were formed along with the planet about 4.5 billion years ago