Google Raises Its Bug Bounties

摘要

Faced with declining reports of vulnerabilities in its open source Chromium project, Google has increased payments to researchers who reveal software flaws. As Google sees it, the reduction in vulnerability reports signals "that bugs are becoming harder to find," explained Google software engineer Chris Evans in a blog post. Google's base reward for vulnerability disclosures is $500, but it pays $ 10,000 or more for notable finds. It's adding a $1,000 bonus for "particularly exploitable" issues, for bugs in areas of Chromium considered "stable," and for serious bugs that affect software beyond the browser.