Google has lastly launched a põrnikas bounty plan for Android apps on Google Play Store, inviting safety researchers to notice as well as written report vulnerabilities inwards some of the most pop Android apps.
Dubbed "Google Play Security Reward," the põrnikas bounty plan offers safety researchers to move conduct amongst Android app developers to notice as well as create vulnerabilities inwards their apps, for which Google volition pay $1000 inwards rewards.
"The destination of the plan is to farther ameliorate app safety which volition create goodness developers, Android users, as well as the entire Google Play ecosystem," the technology giant says inwards a blog post published today.
Google has collaborated amongst põrnikas bounty platform, HackerOne, to care backend for this program, similar submitting reports as well as inviting white-hat hackers as well as researchers.
White-hat hackers who want to participate tin dismiss submit their findings conduct to the app developers. Once the safety vulnerability has been resolved, the hacker needs to submit his/her põrnikas written report to HackerOne.
Google volition thence pay out a vantage of $1,000 based on its Vulnerability Criteria, wherein, according to the company, to a greater extent than criteria may live added inwards the future, creating to a greater extent than reach for rewards.
"All vulnerabilities must live reported conduct to the app developer first. Only submit issues to the Play Security Rewards Program that convey already been resolved yesteryear the developer." HackerOne said.
"For now, the reach of this plan is express to RCE (remote-code-execution) vulnerabilities as well as corresponding POCs (Proof-of-concepts) that spill out Android 4.4 devices as well as higher."It is an unfortunate truth that fifty-fifty afterward thence many efforts yesteryear Google, malicious apps continuously somehow managed to fool its Play Store's safety machinery as well as infect millions of Android users.
It's notable that Google Play Security Reward plan does non include finding as well as reporting fake, adware or malware apps available on Google play store, thence the plan volition non impact the increase inwards malicious apps on Google's app platform.
For now, a express number of Android apps convey been added to Google Play Security Reward Program, including Alibaba, Snapchat, Duolingo, Line, Dropbox, Headspace, Mail.ru as well as Tinder.
So what yous are waiting for?
Roll upward your sleeves as well as start hunting for vulnerabilities. For to a greater extent than details most Google Play Security Reward Program, catch HackerOne.
Share This :
comment 0 Comments
more_vert