Google Patches 10 Chrome Bugs, Pays Out $10K 95
CWmike writes "Google patched 10 vulnerabilities in Chrome on Thursday, but it didn't award any of the researchers who reported bugs its new top-dollar reward. Google divulged no details of the vulnerabilities and, as is its custom, it blocked public access to its bug-tracking database — a practice meant to keep attackers from using the information before most users have upgraded. Some rivals, such as Mozilla, do the same; others, like Microsoft, do not. Sergey Glazunov banked $4,674 for reporting four bugs, including the previous maximum $1,337 each for two of the quartet. A researcher known as 'kuzzcc,' who has also reported flaws in Opera to that browser's Norwegian maker, took home $2,000 for uncovering a pair of Chrome vulnerabilities. But no one received Google's new biggest bounty, which the company set at $3,133.70 last month, after Mozilla had increased its maximum vulnerability payment to $3,000."
Re:True Geeks at Heart (Score:2, Informative)
Re:Money talks. (Score:5, Informative)
Meritocracy at work. It's nice to see, and I'm sure I will hear all sorts of complaints about how it is neither fair nor effective.
Getting paid to help is always good. Especially on things many of us try to help on even if there is not pay incentive.
Re:a couple grand? (Score:5, Informative)
you would think you could sell this information to certain other parties for a lot more than that
and the potential for damage that can be done to the company's brand, and with all of the money the company has, you'd think they'd pay at least an order of magnitude more. and get a lot more interest in finding and reporting security flaws to boot
they are playing pennies for gems of information
Some of us like to play nice. Not saying I am in the category of the people who got those rewards, of course.
Re:a couple grand? (Score:1, Informative)
Do you work there?
My offer from Google was within 5k of the offers from Microsoft, Amazon and Apple. Consulting companies like Booz Allen were quite a bit lower with worse benefits packages. The big financials were even worse, often 20k below in salary compared to the big companies I listed.
Google pays engineers quite well. From what I hear, non-engineers are not as lucky.