• Hacking News
    • Leaks
    • WikiLeaks
    • Anonymous
  • Tech
    • Android
    • Apple News
    • BlackBerry
    • Google News
    • Microsoft
    • Motorola
    • Nokia
    • Samsung
    • 3D
  • Cyber Crime
    • Phishing Scam
  • How To
  • Cyber Events
    • Censorship
    • Cyber Attacks
  • Security
    • Malware
  • Surveillance
    • Drones
    • NSA
    • Privacy
  • Explore
    • Gaming
    • Science
    • Viral
HackRead
  • March 4th, 2021
  • Home
  • Advertise
  • Privacy Policy
  • Contact Us
HackRead
  • Hacking News
    • Leaks
    • WikiLeaks
    • Anonymous
  • Tech
    • Android
    • Apple News
    • BlackBerry
    • Google News
    • Microsoft
    • Motorola
    • Nokia
    • Samsung
    • 3D
  • Cyber Crime
    • Phishing Scam
  • How To
  • Cyber Events
    • Censorship
    • Cyber Attacks
  • Security
    • Malware
  • Surveillance
    • Drones
    • NSA
    • Privacy
  • Explore
    • Gaming
    • Science
    • Viral
  • Follow us
    • Facebook
    • Twitter
    • Linkedin
    • Youtube
Home
Security

Android Bug Bounty Program Launched by Google

June 21st, 2015 Pushpa Mishra Security 0 comments
Android Bug Bounty Program Launched by Google
Share on FacebookShare on Twitter

Android Bug Bounty Program is here and it’s your time to report bugs and get paid.

Google’s bug bounty or security rewards program that previously gave away millions of dollars to researcher who identified vulnerabilities in Google’s products such as Chrome since 2010 has been re-launched.

The program has been extended now and will include the Android operating system, the largest member of Google’s product family.

Jon Larimer, Android security engineer, stated: “Today, we’re expanding our program to include researchers that will find, fix, and prevent vulnerabilities on Android, specifically.”

android-bug-bounty-program-launched-by-google

According to Google’s spokesperson, the current Android Security Rewards program will cover just those vulnerabilities that affect the latest Android OS version that too, on its own Nexus 6 smartphone and Nexus 9 tablet. However, the list of devices will keep improving gradually.

We do hope that older versions of the Android OS will be included in this program and Google will encourage its partner firms to come up with timely updates for their apps so that majority of users could benefit from the bug bounty program.

To claim the reward under this program, researchers must discover vulnerabilities and bugs on any or all of the eligible devices that aren’t covered in any other reward programs from Google. The rules are as follows:

“Eligible bugs include those in AOSP code, OEM code (libraries and drivers), the kernel, and the TrustZone OS and modules. Vulnerabilities in other non-Android code, such as the code that runs in chipset firmware, may be eligible if they impact the security of the Android OS.”

The disclosure deadline will be of 90days max and the rewards are also lucrative. Larimer says that larger rewards would be given to those who go beyond identifying a discovery and also recommend tests or patches to help make the ecosystem healthier.

Biggest prize will be given to “researchers that demonstrate how to work around Android’s platform security features, like ASLR, NX, and the sandboxing that is designed to prevent exploitation and protect users.”

However, those who submit a bug can expect a reward of around $2000/£1200. The reward will be determined after analyzing the severity level of the bug identified. Researchers who submit unit cases, test cases and AOSP/Android Open Source Project patches will be given higher rewards of up to $8000/£5000.

The potential rewards may rise to $20,000 or even $30,000 that is something between £12,000 and £19,000 if the vulnerability identified can compromise the TEE/TrustZone, kernel or the Verified Boot process.

[src src=”via” url=”https://nakedsecurity.sophos.com/2015/06/17/google-launches-android-bug-bounty-program/”]Sophos[/src]

[src src=”source” url=”https://www.google.com/about/appsecurity/android-rewards/index.html”]Google[/src]

  • Tags
  • Android
  • Google
  • security
  • Smartphone
Facebook Twitter LinkedIn Pinterest
Previous article WikiLeaks Releases 275k+ Hacked Sony Documents
Next article Katie Hopkins Twitter Account Hacked, Threatens To Leak Sex Tape
Pushpa Mishra

Pushpa Mishra

Pushpa is a Dubai based scientific academic editor who worked for Reuters' Zawya business magazine and at the same time a passionate writer for HackRead. From the very first day she has been a blessing for team Hackread. Thanks to her dedication and enthusiasm.

Related Posts
Flaw allowed bypassing verification code, log in to any Microsoft account

Flaw allowed bypassing verification code, log in to any Microsoft account

Hackers hit Microsoft Exchange Server to steal email data

Hackers hit Microsoft Exchange Server to steal email data

Gootloader exploits websites via SEO to spread ransomware, trojans

Gootloader exploits websites via SEO to spread ransomware, trojans

Newsletter

Get the best stories straight into your inbox!



Don’t worry, we don’t spam

Latest Posts
Flaw allowed bypassing verification code, log in to any Microsoft account
Microsoft

Flaw allowed bypassing verification code, log in to any Microsoft account

Hackers hit Microsoft Exchange Server to steal email data
Cyber Crime

Hackers hit Microsoft Exchange Server to steal email data

Gootloader exploits websites via SEO to spread ransomware, trojans
Security

Gootloader exploits websites via SEO to spread ransomware, trojans

HACKREAD is a News Platform that centers on InfoSec, Cyber Crime, Privacy, Surveillance and Hacking News with full-scale reviews on Social Media Platforms & Technology trends. Founded in 2011, HackRead is based in the United Kingdom.

Follow us