Go Job Hunting at the LQ Job Marketplace
Go Back > Forums > Linux Forums > Linux - News
User Name
Linux - News This forum is for original Linux News. If you'd like to write content for LQ, feel free to contact us.
All threads in the forum need to be approved before they will appear.


  Search this Thread
Old 10-10-2013, 01:33 PM   #1
Registered: Jun 2000
Distribution: Debian, Red Hat, Slackware, Fedora, Ubuntu
Posts: 11,330

Rep: Reputation: 2802Reputation: 2802Reputation: 2802Reputation: 2802Reputation: 2802Reputation: 2802Reputation: 2802Reputation: 2802Reputation: 2802Reputation: 2802Reputation: 2802
Google offers “leet” cash prizes for updates to Linux and other OS software

Rewards designed to improve security of software critical to Internet's health.

Google is offering rewards as high as $3,133.70 for software updates that improve the security of OpenSSL, OpenSSH, BIND, and several other open-source packages that are critical to the stability of the Internet.

The program announced Wednesday expands on Google's current bug-bounty program, which pays from $500 to $3,133.70 to people who privately report bugs found in the company's software and Web properties. Security researchers inside the company considered modifying the program to reward bug reports in open-source software, but eventually decided against that approach. The reason: bug bounty programs often invite a flood of reports of varying quality that can overwhelm the finite resources of open-source developers. What's more, it's frequently much harder to patch a vulnerability than merely to find it.

"So we decided to try something new: provide financial incentives for down-to-earth, proactive improvements that go beyond merely fixing a known security bug," Michael Zalewski, a member of the Google security team, wrote in a blog post. "Whether you want to switch to a more secure allocator, to add privilege separation, to clean up a bunch of sketchy calls to strcat(), or even just enable ASLR—we want to help."

Beginning immediately, the program will offer rewards between $500 and $3,133.70 for security improvements to core infrastructure network services such as OpenSSH, BIND, and ISC DHCP; image parsers such as libjpeg and libjpeg-turbo; the open-source foundations of Google Chrome; the high impact code libraries OpenSSL and zlib; and security-critical, commonly used components of the Linux operating system kernel. Eventually, Google will pay for fixes to other open-source programs, including the Apache Web server, Sendmail e-mail service, and the OpenVPN virtual private networking app.
More at Ars...



Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
LXer: Fresh Version of Linux Mint Offers Tweaks and Updates LXer Syndicated Linux News 0 02-05-2010 02:10 AM
LXer: Microsoft offers cash back search LXer Syndicated Linux News 0 05-21-2008 09:40 PM
LXer: ISP offers students cash for open source code LXer Syndicated Linux News 0 01-18-2007 07:21 AM
LXer: Google offers free 3D modeling software LXer Syndicated Linux News 0 05-03-2006 12:12 AM
LXer: Google Offers Free Software Pack LXer Syndicated Linux News 0 01-07-2006 09:16 PM

All times are GMT -5. The time now is 01:41 PM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration