Google recently announced a new initiative that almost sounds like the name of an espionage movie. Known as Project Zero, the search giant has created a new team of security geniuses to help put Internet denizens at ease; to free us from the tyranny of hackers and other nefarious individuals.
“You should be able to use the web without fear that a criminal or state-sponsored actor is exploiting software bugs to infect your computer, steal secrets or monitor your communications,” Google’s Chris Evans, “Researcher Herder,” said in a blog post. “We think more can be done to tackle this problem.”
Evans says that the group’s goal is to “significantly reduce the number of people harmed by targeted attacks.” The Project Zero team has commenced a hiring spree of security experts who will all commit to making the Internet a safer place. Evans said the team won’t focus on any security threats in particular but will instead pay close attention to the technique, targets and motivations of attackers.
“We’ll be conducting new research into mitigations, exploitation, program analysis—and anything else that our researchers decide is a worthwhile investment,” Evans said.
Once the project is up and running, Evans said he and his team will be as transparent as possible, noting every discovery in an external database. If a vulnerability is found within software, Project Zero will notify the software’s vendor, giving the public the opportunity to see how long it takes for a particular company to fix an exploit. “We also commit to sending bug reports to vendors in as close to real-time as possible, and to working with them to get fixes to users in a reasonable time,” Evans added.
In addition to the new initiative, Evans says Google will get the community involved, too, possibly by creating extensions of its reward programs. You can follow along on the Project Zero blog to keep track of the team’s progress.
