Google to give rewards for finding bugs in Chromium
In an attempt to make Chromium more secure, Google is planning to get security experts to give more attention on Chromium's security by providing a $500 reward for reporting bugs. They said that some of the most interesting security bugs are reported by experts outside the Chromium Project and so, by providing this incentive Google is hoping to attract the attention of these experts in the Chromium Project. The Chromium Project is especially to because their Chrome browser and their OS, Chrome OS is based on the Chromium Project.
This is what Chris Evans of Google Chrome security writes in the Chromium blog:
Today, we are introducing an experimental new incentive for external researchers to participate. We will be rewarding select interesting and original vulnerabilities reported to us by the security research community. For existing contributors to Chromium security — who would likely continue to contribute regardless — this may be seen as a token of our appreciation. In addition, we are hoping that the introduction of this program will encourage new individuals to participate in Chromium security. The more people involved in scrutinizing Chromium's code and behavior, the more secure our millions of users will be.
Any bug filed through the Chromium Bug Tracker will qualify for consideration of the reward. Whether the bug deserves the reward or not will ultimately be decided by a panel of experts involved with the Chromium Project.
[via Chromium Blog]