Google bug bounty programme reward money and payouts.

image credit- tecgig.com

Android 12.

Android 12 is now available on select phones but within the very initial beta stage. This suggests it’s filled with bugs that not only spoil your smartphone experience but can even tamper with the phone’s functions and make it unresponsive. And there are chances this build also has some vulnerabilities that affect the safety of the OS and therefore the phone. Google now wants techies to seek out and report these security bugs under the Android Security Rewards Program with rewards of over 7rs crore if they find serious bugs.

Selected devices for testing.

Security researchers who have an interest in Google’s bug bounty programme will got to analyze the newest Android 12 Beta 1 and Android 12 Beta 1.1 builds for Pixel devices. In its Android Rewards blog, Google has said that anyone who finds a security vulnerability within the two new Android 12 builds between May 18 and June 18 are going to be eligible for a 50 per cent bonus over and above the quality payout. The Android Security Rewards Program covers bugs in code that runs on eligible devices and isn’t already covered by the company’s other reward programme. The eligible devices, as per Google, for the bug programme are:

image credit- mysmartprice.com
  • Pixel 5
  • Pixel 4a
  • Pixel 4a 5G
  • Pixel 4
  • Pixel 4 XL
  • Pixel 3a
  • Pixel 3a XL
  • Pixel 3
  • Pixel 3 XL

Google has additionally referred to the form of vulnerabilities, which might be deemed eligible below the malicious program bounty programme. These bugs include those in android open source project (AOSP) code, original equipment manufacturer (OEM) code drivers and libraries, the Secure Element code, and also the Trust Zone operating system and modules. Another vulnerabilities in non-Android code can also be eligible “if they impact the safety of the Android OS.” Google will distribute bonus rewards for a full exploit chain, the small print of which are given intimately on the Android Security Rewards Program website. Since payouts for locating bugs depend upon the severity of the vulnerability, Google has classified reward amounts consistent with the exploits found in several parts of the OS.

These rewards are for finding serious exploits:

DescriptionMaximum Reward
Privileged ProcessUp to $100,000
KernelUp to $250,000
Trusted Execution EnvironmentUp to $250,000
Secure ElementUp to $250,000
Pixel Titan MUp to $1,000,000

Google also will ante up to $100,000 if a security researcher manages to bypass the lock screen on the phone. This involves bypass exploits achieved using software which will also affect other devices. Spoofing using synthetic biometric solutions like fake masks or fingerprints won’t be eligible for rewards.

How to participate in Android Security Rewards Program?

Google said that each one the tech researchers curious about its bug bounty programme are required to check the Android 12 Beta 1 and Android 12 Beta 1.1 builds.

The beta versions of Android 12 are currently only available for Pixel devices, meaning that participating developers will need to get access to a Pixel smartphone to participate within the highly rewarding programme.

On its respectable blog, Google cited that computer virus-locating builders are going to be eligible for a 50 consistent with cent bonus over and above the first-rate payout. Tech researchers will want to locate the vulnerability inside the new Android 12 builds. The remaining date for filing the findings is June 18. Vulnerabilities like in AOSP code, OEM code (libraries and drivers), the kernel, the Secure Element code, and consequently the TrustZone OS and modules are blanketed inside the computer virus bounty programme. If the alternative vulnerability influences the protection of the Android OS, Google might also additionally boom the eligibility net.

2 thoughts on “Google bug bounty programme reward money and payouts.”

  1. I wanted to post you that little word so as to say thanks a lot yet again with your
    nice thoughts you have shown on this site. It’s really pretty generous of people like you to
    offer extensively what a lot of people would have offered for sale for an e book to help with making some dough
    for their own end, principally considering the fact that you might have tried it in the event you decided.

    The suggestions additionally served as a fantastic way to be
    aware that other individuals have the identical zeal like
    my very own to realize a whole lot more pertaining to
    this condition. I am sure there are many more pleasurable periods up front for people
    who browse through your site.

    Reply

Leave a Comment