A sum of one million dollars is up for grabs at Pwn2Own, the annual hacking contest which is going to be held next week at Vancouver, Canda. Google is offering bounty to anyone who can hack into their Internet browser, Google Chrome.
Google is offering such a massive reward so that the flaws of their web browser can be identified and vulnerabilities repaired. "While we're proud of Chrome's leading track record in past competitions, the fact is that not receiving exploits means that it's harder to learn and improve. To maximize our chances of receiving exploits this year, we've upped the ante." wrote Chris Evans and Justin Schuh, of the Google Chrome Security Team, in their blog.
Google demands that the winning researcher give the details of the bugs to its security team. The contest's official organizers are Hewlett-Packard-owned Zero Day Initiative. In fact, the company was slated to be one of the sponsors of Pwn2Own. But after discovering that the rewarded hackers didn't need to provide the full details of the flaws found and exploited, they pulled out.
Google will directly sponsor $60,000 to those who exploit bugs in core Chrome functionality, $40,000 to those who exploit at least one bug in underlying technology like Webkit, and $20,000 to participants exploiting bugs in third-party components like Flash. Chrome's security team guarantees to send non-Chrome bugs to the appropriate vendor immediately.
Prizes will be rewarded on a first-come-first-serve basis till the $1 million mark is reached. All winners will also receive a Chromebook.