Google Bug Bounty Program Awards Teen $36,000

Must Read

Microsoft Warns Millions of Windows 10 Users, And It’s Scary!

Microsoft’s Windows 10 update worries seem to haven’t stopped even after they started to secretly offer Windows...

Facebook Falls Prey To Coronavirus: Cancels Global Marketing Summit 2020

The deadly Coronavirus outbreak seems to have now become the primary cause of the cancellation of another...

Microsoft Study Reveals Indians Have Become Less Digitally Civilised Than The Previous Years!

With the coming age of digital boom in India, more and more people have been gaining access...
Divya Nayakhttp://dazeinfo.com
Computer Science Engineer and a wee-hour-writer. An ardent reader and if books were in bribe, might turn corrupt.

Cyber-crime is one oft-repeated threat, which apparently doesn’t seem like slowing down. However, the only defence to this threat is security vigilance and awareness. A quick way to test the corresponding security measures is by incorporating bug bounty programs which have been on the maps of several companies, for a long time now. Although not all bug bounty programs provide remunerations, others can go as high as $36,000 like Google who recently awarded an Uruguayan teenager for exposing a security flaw.

The herculean search engine Google awarded an Uruguayan teenager with $36,000 for reporting a major vulnerability. The 18-year-old Ezequiel Pereira from Uruguay debugS a severe security hole which, otherwise, would have allowed hackers to make changes to Google’s internal systems. At the outset of 2018, Ezequiel Pereira, having a keen interest in programming, got access to a non-Production App Engine deployment environment where he was able to use internal APIs. Remote Code Execution, as it is known, is a part of Google Vulnerability Rewards Program.

The Uruguayan Prodigy:

Ezequiel Pereira, while on the verge of turning 17, earned his first reward through Google bug bounty program wherein he exposed a Google security flaw.

Tapping along the ABCs of this whiz kid; Pereira got his first computer when he was 10. He spent years learning different coding languages, after a steady initiation when he was 11 years old. He finished off as a grand prize winner of Google Code-in 2015, paving a way to Google’s California headquarters.

Advertisements

I found something almost immediately that was worth $500 and it just felt so amazing. So I decided to just keep trying ever since then. – Ezequiel Pereira

He found his second biggest bug on July 2017 through which he earned $10,000. Despite using more than half of the money on applying for scholarships to US Universities, he couldn’t manage into any of the schools. Hence, he took off to become self-taught and started schooling at home. With an aim of achieving master’s degree in Computer Security, Pereira keeps himself busy, hunting bugs.

Pereira got permission to write about how he discovered it recently after Google fixed the issue. It marks his fifth accepted bug.

The Tabloid in a Nut-shell:

  • Early February 2018: Main bug was discovered.
  • February 25th, 2018: Initial report sent, containing the “stubby” API
  • March 4th and 5th, 2018: The app_config_service” API was discovered and reported
  • Between March 6th and 13th, 2018: The access to non-prod Google App Engine environments was blocked with a 429 error page
  • 13th March, 2018: Reward of $36,337 issued
  • May 16th, 2018: Confirmation of the security flaw been fixed.

Bug Bounty Programs Boosts Ethical Hacking :

Bug bounty programs are designed to key-up software security researchers and pay them to find vulnerabilities and report back to the sponsor. In return, the researchers are richly rewarded for their findings. In fact, as part of Google’s Android Security Rewards Program, Researcher Guang Gong, received the largest reward of the year 2017: $112,500.

Heretofore, Pereira’s submissions are towards the Google’s bug bounty program. However, there’re many other technology companies which offer similar awards to ensure smooth and essentially, authentic and supervised access. Introducing bounty programs and offering monetary awards is sure to motivate hackers to discover and report flaws rather than selling them off to malicious, third-party sources. Many corporations have been announcing such programs, wherein they reward hackers who can break into their systems and eventually, report breaches in the process.

Advertisements

Ethical hacking is one’s fair shake to be on the right side of the law while securing systems by hunting down flaws and fixing them.

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Latest News

LinkedIn Finally Rolls Out The Most Requested Feature By Users

Microsoft owned LinkedIn has recently been reported to have revamped its profile section with an amazing feature...

Google is Giving Microsoft a Taste of its Own Medicine

The latest version of the Microsoft Edge browser was launched about a month ago for Windows 10, Windows 8, Windows 8.1, and...

PhonePe Is Betting Big On The New Facility To Woo Smartphone Users And Merchants

The popular digital payments app PhonePe has recently been reported to launch a feature which is bound to solve their user’s cash...

Microsoft, Xbox, and One Small Mistake: Loss of $1 Billion

Microsoft Corporation (NASDAQ:MSFT) needs no introduction as it is one of the oldest players in tech space and dominated the industry undisputedly...

Facebook Without Mark Zuckerberg And Sheryl Sandberg?

Imagine Facebook without Mark Zuckerberg and Sheryl Sandberg, the current CEO and COO of the world's largest online social media network having...

Essential Email Marketing Features for eStore Owners That Generate Guaranteed ROI

Email marketing is essential and is a significant part of current digital strategies. Email marketing reigns supreme when you need to enhance...

In-Depth: Dprime

YouTube Should Have Bid Adieu To Dislike Button Much Earlier?

Online video sharing platform YouTube can be a ruthless place for content creators targeted by 'dislike mobs'. And the site owners totally understand that...

Facebook Has Pulled Off A Masterstroke By Integrating Its ‘Family Of Apps’?

It’s indeed hard to believe that ONE man sitting at Menlo Park, oversees how nearly a third of the world’s population interacts with each...

Facebook’s Crunch Conquest: By Relying Largely On The US Market, Is Facebook Running a Risk?

Two billion! That's Facebook, Inc. (NASDAQ: FB) for you - Right when you thought that this social-media giant has already connected the entire world, it's...

More Articles Like This