When Google first offered a $3,133.70 incentive for finding backdoor vulnerabilities in its services in 2010, it was like a cute joke. Well, actually, it seemed like a pretty decent (though strange) sum at the time, but it’s laughable in light of how much the company is willing to pay now: Google has upped the ante to up to $20,000.
It must be really serious about finding security holes. The awards, which range depending on the severity of the bug, go to anyone who can find exploits that would allow an intruder’s code to create problems in a Google datacenter. Given how many services there are (with one more joining the ranks today), there’s no shortage of places to look.
Not that it’s easy to find one that will earn the big prize. Of the 11,000 or so software holes submitted, fewer than 1,000 were eligible for awards of $300 or more. Even so, with a big payout dangling in front of them now, there’s no doubt plenty of IT wizards will try their best to break through whatever they can get their hands on.
In total, Google has shelled out about $460,000 so far, not including the big $1 million payoff at its Pwnium contest earlier this year. The mission then was to find vulnerabilities in the Windows 7 version of Chrome.
Winners who’ve gotten rewarded in this program have been computer security professionals, engineering students and website operators, says Google. So if you’re one of them (or know someone who is), here’s a hot tip: You increase your chances for winning the highest amount by identifying bugs in particularly sensitive services, like Google “Wallet” software. Good luck.