Earn Rewards for Finding Security Flaws in Gmail, YouTube, and More

Google is on the hunt for hackers to find security vulnerabilities in popular web applications like Gmail, Blogger, and YouTube. The tech giant is offering rewards starting at $500 per bug. For vulnerabilities that are “severe or unusually clever,” the payout can reach up to $3,133.70. Additionally, hackers can choose to donate their rewards to charity, with Google matching the donation at its discretion.

Researchers who participate in this bug bounty program will also receive recognition on Google’s security page.

However, Google has set some exclusions for this program. Bugs caused by denial of service attacks and search optimization tricks are not eligible for rewards. Furthermore, technologies that Google has recently acquired are off-limits.

This is not Google’s first venture into incentivizing security research. In January, the company launched a bounty program for Chromium, the open-source project behind Google Chrome. This initiative followed in the footsteps of Mozilla’s Firefox bounty program.

Expanding the bounty program to web applications is a strategic move for Google. As the company pushes web apps as the future of computing, highlighted by the upcoming Chrome OS, the security of these services becomes paramount. With users increasingly storing sensitive information online, robust security measures are essential.

Looking ahead, Google may extend the bounty program to client applications such as Android, Picasa, and Google Desktop. This expansion is highly anticipated, especially after analysis firm Coverity identified 88 high-risk defects in the Android kernel.

Found this article interesting? Follow us on Twitter  and LinkedIn to read more exclusive content we post.