Google Paid $550,000 to Android Bug Hunters
Google paid more than $550,000 last year to 82 people for the Android bugs, since launching its Android Security Rewards program. More than 250 reports were sent by 82 people at Google. On average, the rewards are paid 2,200 dollars a flaw or 6700 dollars per researcher. One of the researchers collected a cool $ 75,750 dollars to have sent 26 vulnerability reports.


From now on, researchers who submit “high-quality” vulnerability reports with proof of concept will receive 33 percent more. High-quality vulnerability reports with a proof of concept, a CTS Test or a patch will get 50 percent more. Also, a “remote or proximal kernel exploit” will now earn $30,000 instead of $20,000, while a “remote exploit chain or exploits leading to TrustZone or Verified Boot compromise” will be rewarded with $50,000 instead of $30,000.


With Android powering the majority of mobile devices currently in use, security is of utmost importance. The Stagefright bugs that recently ravaged Android devices prompted Google to increase its efforts even further and challenged OEMs to keep up. Google’s monthly security patches emerged as a result of the Stagefright fright, and OEMs are under increased pressure to deliver the said updates in a timely manner to end users.

Glad to see Google are upping the bounty and taking security so seriously. Though I do wonder about the implications of the Google Play store integration with Chromebooks. This is something I will be watching very closely.
"I'm a gamer, not because I don't have a life... But because I choose to have many"

Users browsing this thread: 1 Guest(s)