NEW YORK: Google is one of a growing number of companies to offer a “bug bounty” to hackers who can find security issues in its products and on Wednesday, a teenager scored the top $60,000 prize for uncovering a vulnerability in the Chrome browser.
It’s the second time that the hacker, a teenage male who goes by the handle “Pinkie Pie,” has taken home Google’s money. Google fixed the problem with a software update about 10 hours after the bug was exposed, congratulating Pinkie Pie on “another beautiful piece of work.” Google (GOOG, Fortune 500) first announced its “Chromium Security Rewards Program” in 2010, offering small monetary rewards to researchers who found potential security holes in its Chrome Web browser.
The company upped the ante in February 2012, sponsoring a “Pwnium” contest that sought “fully functional exploits” — and awarded big sums to those who found them. Pinkie Pie was one of two hackers to score a $60,000 prize at that event.Google’s Pwnium 2 competition took place on Tuesday at a conference called Hack in the Box, held in Kuala Lumpur, Malaysia. Pinkie Pie again took home $60,000 for his fresh exploit, which relied entirely on bugs within Chrome itself. He appears to be the only top-prize winner, as Google’s Chromium blog announcement didn’t mention any other hackers.
Facebook (FB) launched its own “bug bounty” security initiative last year, through which it pays out a reward of least $500 to users who spot vulnerabilities.Those bug-spotting programs can be quite lucrative for skilled security researchers — and they offer bragging rights.
This week’s exploit is another feather in the cap of Pinkie Pie, who told Wired in March that he applied for a job at Google in 2011. He wrote in his cover letter that he could crack Google Chrome on Apple’s (AAPL, Fortune 500) OSX operating system for Mac.Pinkie Pie never received a reply, but a Google rep told Wired at the time that they’d be taking a second look at his resume.At this rate, though, continuing to hack his potential employer might be a better gig than a full-time job. – CNN