“Hackers are welcome!” – Google
As the title suggests, Google has an interesting way of getting hackers to divert their attention from harmful hacking to “beneficial” hacking.
The “Google Play Security Reward Program” was launched to identify and fix vulnerabilities in Apps listed on Google play. Google teamed up with a vulnerability coordination and bug bounty platform called HackerOne so that they use HackerOne’s platform to locate and fix vulnerabilities. The way this program works is that Developers or Hackers, who wish to take part in the program, will be given access to the platform and will be required to identify, respond and fix bugs in a timely manner. The idea is to find the resolution for the vulnerability as fast as possible or take a maximum of 90 days to fix the issue. In return, if the resolution meets Google’s criteria, the developer/hacker will receive $1000 for every resolved vulnerability. Google has establish a stringent policy where these developers/hackers will have follow HackerOne’s disclosure guidelines and provide detailed reports of the vulnerabilities. Currently, the Apps participating in the Program are Alibaba, Dropbox, Duolingo, Headspace, Line, Mail.ru, Snapchat & Tinder but Google has said that the list is only going to grow. Google’s new approach to tackling IT Security issues has definitely turned heads, but is this something that will be followed by other companies? Only time can tell.