Tuesday, February 28, 2012

Google offers $1 million reward to hackers who exploit Chrome

There's security and then there's security.

Google has pledged cash prizes totaling $1 million to people who successfully hack its Chrome browser at next week's CanSecWest security conference.

Google will reward winning contestants with prizes of $60,000, $40,000, and $20,000 depending on the severity of the exploits they demonstrate on Windows 7 machines running the browser. Members of the company's security team announced the Pwnium contest on their blog on Monday. There is no splitting of winnings, and prizes will be awarded on a first-come-first-served basis until the $1 million threshold is reached.

...At last year's competition, Internet Explorer and Safari were both toppled but no one even attempted an exploit against Chrome (despite Google offering an additional $20,000 beyond the $15,000 provided by contest organizer Tipping Point).

Chrome is currently the only browser eligible for Pwn2Own never to be brought down. One reason repeatedly cited by contestants for its lack of attention is the difficulty of bypassing Google's security sandbox.

If you're still surfing with Internet Explorer, I would recommend giving Chrome a try. It's fast, secure and free. You can download it here.

Hat tip: @KimZetter.


Phil said...

Whenever I see the Chrome logo, I think back to the Simon Says game from the 70s: http://www.digitalrendezvous.net/wordpress/wp-content/uploads/2007/10/simonextreme.png

Phil said...

Last year, I tried Chrome for the first time. I was composing a letter in Yahoo mail, then switched tabs to compose another letter. When I switched back, the first letter was gone! I repeated this action, and discovered that many other people say NOT to use Yahoo in Chrome.

Anonymous said...

I suggest Google start with buy PVS-Studio license. :-)

PVS-Studio vs Chromium

PVS-Studio vs Chromium - Continuation

astonerii said...

While the hackers cannot get your information, the google guys can have free use of it. As far as I am concerned they are not much more reputable.