MCPMag.com

Sign up for our newsletter.

I agree to this site's Privacy Policy.

News

Google Offers $20,000 To Hack Chrome

Google is looking to reward those who can find a vulnerability in its Chrome browser.

Software companies tend to dissuade users from finding and broadcasting exploits, but Google will pay $20,000 for a skilled hack at the Pwn2Own 2011 event, being held March 9-11. Organized by security software company TippingPoint, Pwn2Own is an annual computer hacking contest held during the CanSecWest security conference in Vancouver, BC.

Cash prizes for hacks have been offered in the past by TippingPoint, but this year marks a first for third-party sponsorship -- namely by Google.

"Kudos to the Google security team for taking the initiative to approach us on this; we're always in favor of rewarding security researchers for the work they too-often do for free," wrote Aaron Portnoy, manager of the security research team at TippingPoint, in a released statement.

Google may be feeling somewhat confident in putting up the money. Last year, its Chrome browser was the only browser to withstand hackers' attempts to find vulnerabilities. Internet Explorer, Firefox and Safari were not so lucky.

To be considered a successful vulnerability discovery, hackers must compromise the browser using a sandbox escape (only exploiting Google-generated code in its browser) on a Windows 7 machine. Along with the $20,000 prize, the company will also award the winner its first version of the Google Chrome OS laptop, the CR-48.

All told, including Google's prize money, Pwn2Own organizers will be offering a total of $125,000 in prize money to those who can find flaws in the aforementioned Web browsers, as well as holes in the following mobile phone OSes: Windows Phone 7, Apple iOS, BlackBerry 6 OS and Google Android OS.

Hackers will have strict requirements in discovering a vulnerability in the mobile phone OSes.

"A successful attack against these devices must require little to no user interaction and must compromise useful data from the phone," Portnoy wrote. "Any attack that can incur cost upon the owner of the device (such as silently calling long-distance numbers, eavesdropping on conversations, and so forth) is within scope."

For more information on Pwn2Own and the CanSecWest 2011 convention, click here.

About the Author

Chris Paoli is the site producer for Redmondmag.com and MCPmag.com.

comments powered by Disqus

Reader Comments:

Wed, Feb 9, 2011

google chrome officials are trying to find out the most vurnerable hackers of the world... plzz dont do so google....

Wed, Feb 9, 2011

They should get a nice list of hackers and wannabee hackers out of this. This reminds me of those sting operations that the cops do once in awhile to get crooks to come in by mailing them letters that tell them that they won a prize in some contest. Amazingly even after they were cuffed they still wanted to collect their "prize".

Tue, Feb 8, 2011 Pavan Verma Mumbai, India

This is confidence or OVER CONFIDENCE ? ALL THE BEST GOOGLE :-)

Fri, Feb 4, 2011

if anyone seems like they need attention it's apple. Google doesn't need attention, they already know they're the best, 10 times better than apple anyways.

Fri, Feb 4, 2011 Editor

Congratulations. While we don't have a $20,000 prize to offer, please continue to enjoy all the content on our Web sites for the low price of nothing.

Fri, Feb 4, 2011

i already hacked it

Fri, Feb 4, 2011

Can a day pass when G isn't in the news? They really seem to need attention, like a child.

Add Your Comment Now:

Your Name:(optional)
Your Email:(optional)
Your Location:(optional)
Comment:
Please type the letters/numbers you see above