Skip to main content

Google will pay you $100K if you can pull off the ultimate Chrome hack

school computers chromebooks more than apples budgetlaptops acerchromebook15
Google has doubled the top reward in its bug bounty program for Chrome from $50,000 to $100,000 in the hopes of encouraging more white hat hackers to collaborate on patching bugs and vulnerabilities.

The Chrome Reward Program, which was launched six years ago, invites hackers to try and compromise the security of Chrome devices and Chrome OS.

Related Videos

This latest $100,000 update applies only to the “persistent compromise” of a Chromebook in guest mode. The challenge has so far had no winners but, according to Google, “great research deserves great awards” and it’s hopeful that the hefty reward money will encourage greater research into Chromebook security.

Google has also added a brand new reward for anyone that can compromise Chrome’s Safe Browsing download protection features. This pays a baseline reward of $500.

Google has been pretty open with its bug bounty program over the years. In 2015, it paid out more than $2 million to security researchers that had discovered and disclosed vulnerabilities in various Google services, and more than $6 million since 2010.

The company runs a couple of different bug bounties such as a program for Android that pays up to $8,000 for a critical flaw or its wider security disclosure program for sites and services like Google.com, YouTube, and Blogger that pays up to $20,000.

Bug bounties are a popular way for tech companies to solicit help from the hacker and security communities on dangerous flaws and vulnerabilities that may have gone under the radar. By paying out some generous fees, the companies can encourage hackers to privately disclose bugs rather than exploit them or even sell them on the dark web.

The method seems to be catching on. Facebook recently paid out $15,000 over a serious bug that left everyone’s profile vulnerable. The Department of Defense has launched its own bug bounty program, Hack the Pentagon, to put its own website to the test.

Editors' Recommendations

5 things I love in the Google Docs redesign
Google Workspace in Firefox on a Windows laptop.

Google is refreshing the look of Google Docs, Slides, Drive, and Sheets. The changes are happening across the board for Google Workspace subscribers and free personal accounts. I love that we all get to enjoy the changes, and there are five things, in particular, that really stand out to me as significant improvements.

This is a continuation of the Material Design 3 updates to Gmail last year. If you are happy with how Gmail looks, you’ll probably enjoy the new Docs as well.
Subtle color adds structure

Read more
4 Windows 11 accessibility features that make it easier for everyone to use
Person using Windows 11 laptop on their lap by the window.

Windows 11 feature some big updates for Microsoft's storied operating system visually, but it has made big strides in accessibility as well. Live Captions, updates to the Narrator, and even full voice access might make Windows 11 the most accessible OS Microsoft has ever released.

Regardless of it you need accessibility features to navigate Windows 11 or if you just want to make getting around a little easier, we tried out a slew of features to bring you our favorites. If you want to browse the full list, you can find it by opening the Settings app in Windows 11 and selecting the Accessibility tab.
Live captions

Read more
Gmail client-side encryption adds security for businesses
Google services (YouTube, Gmail, Chrome, Duo, Meet, Google Podcasts) icons app on smartphone screen.

Google has made client-side encryption (CSE) available for a number of its Workspace applications after introducing the function in beta mode last December.

Detailing the feature in a blog post on Tuesday, Google announced that client-side encryption would allow professional users to send data in Gmail and Calendar apps in such a way that no one except those in the organization and the recipients can access or read the content. Google as an entity is not even able to access data sent or created through Gmail or Calendar as it would be encrypted before reaching its servers. This is yet another way Google is using AI to the benefit of customers the brand said.

Read more