Google is offering around Rs 7.1 crore to those security researchers who can discover a unique bug in Pixel phones. If the researchers manage to find a bug that may compromise users’ data, then Google will pay them the mentioned price as a top award. Not just this, the search giant will also give an additional 50 percent bonus, resulting in a prize of around Rs 10 crores. But for this, security researchers will have to find an exploit on “specific developer preview versions of Android.”
The Google Bug Bounty program will reward the top prize to someone who can break into Google’s Titan M “secure element.” Similar to Apple’s “iPhone Secure Elementa, “Titan M” is a security chip that automatically scans hackers trying to load malware when an Android phone is turned on. For the new reward category, Google is looking for “full chain remote code execution exploit with persistence which compromises the Titan M secure element on Pixel devices.”
“We will reward extra for a full exploit chain (typically multiple vulnerabilities chained together) that demonstrates arbitrary code execution, data exfiltration, or a lockscreen bypass,” said Google. When Google first introduced its bug bounty program for Android, the biggest bug bounty reward was $38,000. Researchers with a security research track record of high-quality systems on any platform are eligible to apply and they could end up earning a maximum payout of $1 million.
Besides, this news comes after security researchers recently identified that camera in Google Pixel smartphones can easily spy on you. The researchers at cybersecurity firm Checkmarx found that an attacker can control the app to take photos and/or record videos via a rogue app that has no permissions to do so. This can be done by just manipulating specific actions and intents, IANS reports.
Separately, in July this year, Facebook awarded a Tamil Nadu-based security researcher. His name is Laxman Muthiyah who spotted a major bug in the Instagram app. The company gave $30,000 as a part of a bug bounty program after he spotted a flaw in Facebook‘s photo-sharing Instagram app. The researcher said that the vulnerability allowed him to “hack any Instagram account without consent permission.”
– With inputs from IANS
|Features||Google Pixel 3a||Google Pixel 4|
|Chipset||Qualcomm Snapdragon 670||Qualcomm Snapdragon 855 SoC|
|OS||Android 9 Pie||Android 10|
|Display||5.6-inch full HD+||OLED-5.7-inch full-HD+-1080x2280pixels|
|Internal Memory||4GB RAM + 64GB storage||6GB RAM with 64GB storage|
|Rear Camera||12MP||Dual – 12MP + 16MP|