Sign in with
Sign up | Sign in

Google Paid $410,000 for Chrome Bugs

By - Source: Google | B 18 comments

Google's bug bounty program, which pays monetary rewards for the discovery of vulnerabilities in Chome, has been a runaway success, according to the company.

Since November 2010, when Goggle began offering cash for bug reports, the company said it paid more than $410,000 to more than 200 individuals who found more than 1100 "legitimate issues" and 730 that qualified for a reward. An additional $19,000 was paid to charities chosen by bug reporters.

The "vast majority" of bug reports were motivated by the potential reward to disclose their discovery. So, even if Google paid more than $400,000, this seems to be a bargain when compared to the potential damage just one bug could have caused.

"It’s not all about money, though," wrote Adam Mein, technical program manager of Google's Security Team in a blog post. "Google has gotten better and stronger as a result of this work. We get more bug reports, which means we get more bug fixes, which means a safer experience for our users."

Google also disclosed that about half of all bugs found were located in software provided by companies that Google had acquired.

Discuss
Display all 18 comments.
This thread is closed for comments
Top Comments
  • 24 Hide
    d-isdumb , February 11, 2012 10:37 AM
    The salary for one good programmer and one person could not find all the bugs found by the numerous programmers/users who found them. I say Google did a smart move. The linux community does the same thing but no one gets paid.
  • 19 Hide
    guru_urug , February 11, 2012 2:10 PM
    In other news, greedy apple wont pay its actual production employees more than a few $ a day.
  • 18 Hide
    TheMaristBoy , February 11, 2012 12:41 PM
    Google, you're doing it right
Other Comments
  • 24 Hide
    d-isdumb , February 11, 2012 10:37 AM
    The salary for one good programmer and one person could not find all the bugs found by the numerous programmers/users who found them. I say Google did a smart move. The linux community does the same thing but no one gets paid.
  • 11 Hide
    vaughn2k , February 11, 2012 11:15 AM
    I found 2 roaches and 1 centipede... do I get paid for this? Just kidding..
  • 14 Hide
    alhanelem , February 11, 2012 12:06 PM
    Its an effective use of man power
  • 18 Hide
    TheMaristBoy , February 11, 2012 12:41 PM
    Google, you're doing it right
  • 8 Hide
    JDFan , February 11, 2012 1:00 PM
    Just makes you wonder if they continue the program -- How many of their programmers will start to intentionally slip bugs into the coding for their "Friends" to find for some extra income !!
  • 19 Hide
    guru_urug , February 11, 2012 2:10 PM
    In other news, greedy apple wont pay its actual production employees more than a few $ a day.
  • 6 Hide
    AznCracker , February 11, 2012 3:28 PM
    using chrome right now :) 
  • -6 Hide
    danwat1234 , February 11, 2012 4:28 PM
    Chrome is so nice in that it uses both cores of my CPU whereas firefox just uses 1 core to render all tabs.
  • 4 Hide
    HenrikG , February 11, 2012 6:15 PM
    You get what you pay for... a damn good browser. The best.
  • 9 Hide
    zybch , February 11, 2012 7:58 PM
    Thats a LOT of bugs.
  • 0 Hide
    leakingpaint , February 12, 2012 8:06 AM
    Google is cool!
  • -4 Hide
    nebun , February 12, 2012 4:32 PM
    google is evil and i still use it :)  what can i say, it's free.....wait, not really
  • 2 Hide
    Anonymous , February 12, 2012 11:10 PM
    How much do I get paid for pointing out the spelling 'bug' in your subheadline? :) 
  • 0 Hide
    eddieroolz , February 13, 2012 3:15 AM
    I think it also helps that people (for one reason or another) love Google overall. If Microsoft did the same, it wouldn't be as much of a success because of the same reason.
  • 0 Hide
    tomaz99 , February 13, 2012 3:12 PM
    Google also disclosed that about half of all bugs found were located in software provided by companies that Google had acquired.

    My skool'n days are over...but it sounds like half the bugs are therefore caused by 'regular' Google employees.

    I wouldn't make the distinction.
  • 1 Hide
    rosen380 , February 14, 2012 1:00 PM
    But if 95% of the code is written by their hires and only 5% comes from these 'third parties', then noting that the bugs were 50/50 may be pretty significant...
  • 0 Hide
    Gigz6413 , February 15, 2012 11:18 PM
    Whereas Apple would probably be like.... "Pay us, and we'll remove the bugs."
  • 0 Hide
    rosen380 , February 17, 2012 12:52 PM
    Ummm, isn't it up to Foxconn to offer a fair wage and for their employees to accept or decline it? Apple contracts them to build a product, but doesn't run their organization.

    Everything I've read seems to indicate that those workers make a pretty good living given the costs of living in those areas