Yesterday Google announced via the Chromium Blog that they’re going to pay people find security holes in Chromium or the Google Chrome browser.
“As per Mozilla, our base reward for eligible bugs is $500. If the panel finds a particular bug particularly severe or particularly clever, we envisage rewards of $1337.”
According to the blog post, some of the most interesting bugs have been reported by researchers external to the Chromium project.
“For example, this same origin policy bypass from Isaac Dawson or this v8 engine bug found by the Mozilla Security Team.”
It’s a strength in numbers policy towards security.
“The more people involved in scrutinizing Chromium’s code and behavior, the more secure our millions of users will be.”