Google will offer $3.1 million in prize money to developers who can help find serious security flaws in the code of its Chrome operating system. The latest Pwnium 3 competition will take place March 7 at the CanSecWest security conference in Vancouver, British Columbia, and will be held alongside Hewlett-Packard's Zero Day Initiative vulnerability-finding event and the annual Pwn2Own competition.
The Pwnium 3 rewards have specific requirements for payment. "The attack must be demonstrated against a base (Wi-Fi) model of the Samsung Series 5 550 Chromebook, running the latest stable version of Chrome OS," says Google's Chris Evans. "Any installed software may be used to attempt the attack." Participants must follow standard Pwnium rules, Evans notes. Entries must include the full exploit of the alleged flaw along with its "accompanying explanation and breakdown of individual bugs used."
Furthermore, Evans says the entry exploits "should be served from a password-authenticated and HTTPS-supported Google property, such as Google App Engine. The bugs used must not be known to us or fixed on trunk."
View Full Article
Abstracts Copyright © 2013 Information Inc., Bethesda, Maryland, USA