Vulnerability hunting in Android and Chrome can be lucrative.
rafapress/Shutterstock.com
Google has introduced a number of bug bounty programs for its software and services over the last decade. Now the company has announced that it will increase compensation for people who find security holes in Android to up to $1.5 million.
In order for this sum to be paid out, a critical vulnerability in the Pixel Titan M2 security chip with persistence must be found. If there is no persistence, the finder has to settle for $750,000.
Less money with Chrome
If errors are found in other systems such as Chrome, Google is less generous. Rewards of up to $250,000 are offered for complete exploit chains against browser processes on current hardware and software. A report that successfully exploits a memory allocation that Google determines should be protected by MiraclePtr will receive a bonus of up to $250,128.
