
According to the Google Chrome Security Team, Security is core to them but they believe their could be vulnerabilities in their software and some security bugs.
Therefore the team has a prize to you to help them find and fix vulnerabilities. The team has teamed up with HP’s Zero Day Initiative (ZDI) annual Pwn2Own competition, to be held at the CanSecWest security conference March 6-8 in Vancouver, BC to improve Internet security for everyone and the hackers will take home a generous reward.
Announcing today the team said, “Today we’re announcing our third Pwnium competition—Pwnium 3. Google Chrome is already featured in the Pwn2Own competition this year, so Pwnium 3 will have a new focus: Chrome OS.”
Chris Evans, Google Chrome Security Team said the Pwnium 3 rewards for Chrome OS will add up to $3.14159 million USD.
The first $110,000 for browser or system level related compromises in guest mode or as a logged-in user, delivered via a web page and $150,000 for compromise with device persistence — guest to guest with interim reboot, delivered via a web page.
Evans added, “We believe these larger rewards reflect the additional challenge involved with tackling the security defenses of Chrome OS, compared to traditional operating systems.”
Evans says the attack must be demonstrated against a base (WiFi) model of the Samsung Series 5 550 Chromebook, running the latest stable version of Chrome OS using any installed software even for the kernel and drivers. Hackers with the Samsung Series 5 550 can do so using a virtual machine.
There are some rules that apply too.
Hackers have to reveal the full vulnerable report showing the bugs used and the exploits are to be served from a password-authenticated and HTTPS-supported Google property, such as Google App Engine. This will help the firm to identify and fix the bugs.
Google reserves the full rights of the contest and can issue partial rewards to hackers who exploit the system partially. See you there March 7.