Google Rewards $550,000 For Pointing Android Vulnerabilities

Must Read

Can CBD Gummies Be Beneficial For College Students?

College students often feel more pressure than they have ever—or will ever—feel in their entire lives. Many...

Will Google’s Move To Delete 2,500 YouTube Channels Add Fuel To The Fire With China?

The US-China trade war has started rearing its ugly head. Both sides are now turning to extreme...

India Enterprise IT Spending To Reach Rs. 1,910 Billion In 2012: Manufacturing And communication Industry To Drive The Growth

Manufacturing and Communication Industry is expected to drive the overall growth in the years to come. Sectors like Education,...

Google’s ‘bounty hunter’ program known as Android Reward program has rewarded 82 researchers who have successfully pointed out the Android Vulnerabilities. The company has rewarded them with a whopping $550,000 at an average of $6,700 per researcher. ‘More than a third’ of the 250 ‘qualifying’ reports that Google received were related to Media Server and in turn, Google has made Android OS more secure to vulnerabilities especially for its upcoming Android N.

Google launched this open Security reward program in 2010 and expanded this program to Android platform on June 16, 2015. The company has given up to $38,000 per report that Google made use of to protect users from vulnerabilities by fixing them. While the prime aim, according to the company, is to improve Android security and the targeted devices are Google’s own Nexus Devices, more than a quarter of issues were reported in code that is developed and used mainly outside of the ‘Android Open Source Project’.

The most benefited one from the program, Peter Pi @heisecode, won $75,750 for his 26 vulnerability reports whereas 15 other researchers received more than $10,000 each. Although the topmost prize for the complete remote exploit chain leading to TrustZone or Verified Boot compromise remained unclaimed.

Advertisements

Since the launch of the program, the extravagant Google has awarded a whopping $1.5 million to its researchers who have successfully pointed out the vulnerabilities in its Chrome and Google products.

The search giant seemed to be impressed by the work, has decided to increase the reward prize from June 1, 2016. For a ‘high-quality vulnerability report with proof of concept’, the company will shell out 33% more reward. The additional CTS Test, or a Patch along with the ‘high-quality vulnerability report’ will garner 50% increase in reward. Whereas ‘A remote exploit chain or exploits leading to TrustZone or Verified Boot compromise’ has a considerable increase in reward from $30,000 to $50,000. The one’s who are interested in can learn how to make a high-quality report can visit Bug Hunter University.

bug

Android Vulnerability: A Big Challenge for Google

Android empowers 84.1% of the total smartphones in the world and thus is the main targeted OS for the hackers. The OS empowers 1.4 billion active users worldwide and had recorded 65 billion app downloads last year.

Bugs are everywhere even in the most secure platforms like Mac OS and iOS. The iOS on iPhone is identified as second most vulnerable software with 375 vulnerabilities, whereas Android sits at 20th position with 130 vulnerabilities in 2015.

The numbers speak for themselves and thus Android is bombarded with bugs and vulnerabilities every now and then. According to the latest report, a vulnerability named Accessibility Clickjacking affected 500 million of smartphones running on older version of Android OS.

Advertisements

The reward program is targeted only at Google’s own Nexus devices as they are regarded as pure Android devices. In contrast, other manufacturers modify Android platforms before they push to devices. This has caused a big challenge for Google in a form OS Android Fragmentation from the beginning. Android Smartphone OEMs modify the OS in an attempt to provide a unique experience to their users.

Capture-18

The Android behemoth has invested heavily in Android SDK to provide a safe and secure environment to its developers which accidently may inject malicious code in their apps. On the other hand, Google Play services try to intercept attacks on Android platform. Following the Google’s methods of securing its Nexus devices, major OEM’s have also started releasing security patches to remove any vulnerabilities from their devices.

According to a report, Google has been able to secure 1 billion devices by running daily scans through Play services on over 400 million devices, thus, removed 100,000 apps that possessed major vulnerabilities from the Play Store.

Google has apparently left no stone unturned to uproot the vulnerabilities and thus its next version Android N seems to be quite secure. Learning from his previous mistakes, Google has integrated default encryption in Android Marshmallow thus taking security measures to a next level.

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Latest News

PAN-Aadhaar link: 32.71 Crore Indians Can Now Reap the Benefits

The agenda to link every citizen's Aadhaar card with their PAN card has been on the Indian...

When A City Had To Pay Ransom To Cyber Criminals!

While the rapid advancement in technology surely did gift us with newer and more powerful devices, be it smartphones or iPads, it...

Can Twitter’s New Feature Really Make You Feel Safe?

Twitter has been on what seems like a campaign to make the site a place for more meaningful conversations among users. Ever...

TikTok Acquisition: Not A Cake Walk for Microsoft

After President Trump announced an order banning US companies' transactions with Chinese businesses, which is set to come into effect 45 days...

Can ‘Made In India’ Twitter Alternative Replicate Twitter’s Success?

The popular microblogging platform Twitter has a new Indian clone and it is all set to capture the non-English users in the...

TikTok Stars Are Fighting an Uphill Battle

2020 has proven to be a difficult year for many Chinese-origin apps, including the wildly popular short video app, TikTok. Many Chinese...

In-Depth: Dprime

Will ‘TikTok By Microsoft’ Be A Winner?

For the last two years, TikTok has been in the public eye for all sorts of reasons. First, it was the exploded...

Facebook Subscription Model: Looking Beyond Ad Dollars?

Seldom do job listings create a stir this gripping. However, when the job listing in question is a stealth post from Twitter,...

Will The Online Food Delivery Market in India End Up Becoming A Two-Horse Race?

It's pretty much evident that the food delivery space in India is all set to get riled up soon enough as one...

More Articles Like This