Since the 2010 launch of pest bounty program, Google has paid more than $ 15 million to reward security researchers. Today, the technology giant announced further expand the scope of Google Play Safety Award project (GPSRP) to cover millions of Android applications. At the same time, Google launched a collaboration with HackerOne number of developers to protect incentives (DDPRP) project for application for Android, OAuth project, and the Chrome extension data abuse.
Google believes that de-worming project award is a strong complement to its internal security plan and ability to motivate individuals and research institutions to help them find security flaws and properly disclose, rather than selling it in the gray market or malicious use.
Rather than wait until serious irreversible consequences occur, or pay rewards security researchers more cost-effective. In addition, before the update released today, Google last month also increased the Chrome browser, Chrome OS, and safety research award from Google Play.
As of now, Google Play Safety Award (GPSRP) program has paid more than $ 265,000 bounty to security researchers. With this project cover more popular applications, the future of Google is expected to come up with more budget.
Meanwhile, Google is also working to enhance the technical capacity of automatic screening vulnerabilities, find similar vulnerabilities for all applications on Google Play. If affected application developers, a corresponding notification may be received by the console Play.
It is reported that Google's application security improvements (ASI) project, can provide information about the vulnerability and repair method of information for developers.
In February this year, when Google said the ASI project has helped more than 300,000 developers, repaired more than 1 million applications on Google Play.
As for the new developer of data protection award (DDPRP) program designed to identify and mitigate application for Android, OAuth project, as well as data Chrome extension abuse problems.
If researchers can verify clear signs of abuse data, Google will give some reward according to DDPRP incentive programs, because the company's user data is particularly concerned about the use or sale outside, etc., up to $ 50,000 to send single bonus.
Android applications that have been identified and there are several Chrome extensions abuse, not only is Google Play and the Chrome Web Store shelves, its developers will be limited access to the respective API.
This switched: https: //www.linuxprobe.com/google-android-gpsrp.html