Tuesday, June 27, 2017
Search
  
Submit your own News for
inclusion in our Site.
Click here...
Breaking News
European Commission Fines Google Record 2.42 billion Euros For Giving Advantage to own Comparison Shopping Service in Search
Fujitsu Virtual Machine Control Technology Improves Server Density
Samsung Foundry Focuses on 6nm Process to Beat TSMC
Sprint Starts Partnership Talks With US Cable TV Providers Charter Communications and Comcast
Western Digital Resubmits Bid for Toshiba Chip Unit
NVIDIA Collaborates with Volvo to Bring AI-Enabled Autonomous Vehicles to Market in 2021
Sony's "Core Libraries" of Deep Learning Tools are now Open source
Micron Lexar Removable Storage Retail Business Discontinued
Active Discussions
Which of these DVD media are the best, most durable?
How to back up a PS2 DL game
Copy a protected DVD?
roxio issues with xp pro
Help make DVDInfoPro better with dvdinfomantis!!!
menu making
Optiarc AD-7260S review
cdrw trouble
 Home > News > General Computing > Google ...
Last 7 Days News : SU MO TU WE TH FR SA All News

Thursday, October 10, 2013
Google To Reward Researchers Who Discover Open-source Code Security Holes


Google said Wednesday it plans to reward developers for developing proactive security improvements for some of the most widely used open-source software programs. Rewards will range between US$500 to $3,133.70.

Google says that its Vulnerability Reward Program is not an OSS bug-hunting program. It provides financial incentives for "down-to-earth, proactive improvements that go beyond merely fixing a known security bug," according to Michal Zalewski of Google's Security Team.

"Whether you want to switch to a more secure allocator, to add privilege separation, to clean up a bunch of sketchy calls to strcat(), or even just to enable ASLR - we want to help!," he said.

Google will roll out the program gradually, based on the quality of the received submissions and the feedback from the developer community. For the initial run, Google will imit the scope to the following projects:

- Core infrastructure network services: OpenSSH, BIND, ISC DHCP
- Core infrastructure image parsers: libjpeg, libjpeg-turbo, libpng, giflib
- Open-source foundations of Google Chrome: Chromium, Blink
- Other high-impact libraries: OpenSSL, zlib
Security-critical, commonly used components of the Linux kernel (including KVM)

But Google intends to soon extend the program to widely used web servers (Apache httpd, lighttpd, nginx), SMTP services (Sendmail, Postfix, Exim), Toolchain security improvements for GCC, binutils, and llvm as well as to the OpenVPN.

In order to qualify, patches must first be submitted directly to the maintainers of the project, and researchers must work with them to have it accepted into the repository and incorporated into a shipping version of the program. After these prerequisites are met, they should submit their entry to security-patches@google.com.

Rewards for qualifying submissions will range from $500 to $3,133.7. The final amount is always chosen at the discretion of the reward panel and is based on our judgment of the complexity and impact of the patch.




Previous
Next
Samsung To Add Fingerprint Sensor To Next Version Of Galaxy Note 3        All News        T-Mobile International Options to Include Free Data Roaming
Now Anyone Can Find You On Facebook     General Computing News      HP Says Turnaround Remains On Track, Provides Fiscal 2014 Outlook

Get RSS feed Easy Print E-Mail this Message

Related News
European Commission Fines Google Record 2.42 billion Euros For Giving Advantage to own Comparison Shopping Service in Search
EU Set to Announce Antitrust Fine Against Google
Google For Jobs Gives Americans Easy Access to More Job Listings
Google Takes Steps to Remove Extremist Content on YouTube
Google to Make its Own SoCs for Tablets and Smartphones
Google Set to Take a Lead in Market of Digital Assistants
Google To Employ Machine Learning To Ad Analytics
Google Dedicates Second Day of Google I/O on Daydream, Tango, and Developer tools for VR and AR
Google I/O: Google Digital Assistant Coming to iPhone, Android O, Android Go, New TPU and VR
Google to Bring Digital Assistant To Third-party Hardware, Including the iPhone
Google Becomes More Flexible When it Comes to Banning Adsense Publishers
New Google Pixel Phone Could By Made By LG

Most Popular News
 
Home | News | All News | Reviews | Articles | Guides | Download | Expert Area | Forum | Site Info
Site best viewed at 1024x768+ - CDRINFO.COM 1998-2017 - All rights reserved -
Privacy policy - Contact Us .