​​​
  1. Want to earn quick Rs 65,000? Take this Google Challenge and claim the money

Want to earn quick Rs 65,000? Take this Google Challenge and claim the money

The new program is aimed to further improve app security which will benefit developers, Android users, and the entire Google Play ecosystem.

By: | Updated: October 21, 2017 5:19 PM
Google Play Store, google bug bounty programme, google bug bounty,google Android play softwares, google softwares, google bug bounty for malware Google has now taken the bug bounty project to an all new level by introducing a “Google Play Security Reward Program” – in collaboration with Hackerone.(Reuters)

It’s no more hidden that malware creators have taken to sophisticated ways these days – making data breach and privacy big causes of concern. To fight the menace, a number of companies are currently running “bug bounty” programs that provide monetary reward to any individual or group that uncovers critical vulnerabilities in a software. Search engine giant Google also had one such programme limited to its in-house softwares. However, it has now taken the bug bounty project to an all new level by introducing a “Google Play Security Reward Program” – in collaboration with Hackerone. The new program is aimed to further improve app security which will benefit developers, Android users, and the entire Google Play ecosystem.

For now, the vulnerability criteria of the program has been kept limited to RCE (remote-code-execution) and corresponding POCs (Proof of concepts) that work on Android 4.4 devices and higher. As per Hacker One, this means that any RCE vulnerability that allows an attacker to run code of their choosing on a user’s device without user knowledge or permission. The examples may include:

– Attacker gaining full control, i.e the code can be downloaded from the network and executed (download and execute arbitrary code, native, Java code etc. Javascript)
– Attacker can Manipulate UI to commit a transaction. For example, causing a banking app to make money transactions on behalf of the user without their consent.
– Opening of webview that may cause potential phishing attacks. Opening webview without user input or interaction.

Hacker One says that all Google-developed Android apps available on Google Play are included in the programme. It also requests to report vulnerabilities in Google apps to the Google Vulnerability Reward Program or, for Chrome specifically, to the Chrome Reward Program. For anyone software geek, who is ready to accept Google’s new software challenge, payments of $1,000 (app: Rs 65,000) will be made for each verified software vulnerability, a bgr.com report said. A person is advised to visit https://hackerone.com/googleplay for detailed information and updates.

Get live Stock Prices from BSE and NSE and latest NAV, portfolio of Mutual Funds, calculate your tax by Income Tax Calculator, know market’s Top Gainers, Top Losers & Best Equity Funds. Like us on Facebook and follow us on Twitter.

Go to Top