Please create an account to participate in the Slashdot moderation system

 


Forgot your password?
Close
typodupeerror
×
Google Security

Google Will Pay Bug Hunters Up To $1.5M if They Can Hack Its Titan M Chip (zdnet.com) 21

Posted by msmash from the raising-the-bar dept.
Google announced today that it is willing to dish out bug bounty cash rewards of up to $1.5 million if security researchers find and report bugs in the Android operating system that can also compromise its new Titan M security chip. From a report: Launched last year, the Titan M chip is currently part of Google Pixel 3 and Pixel 4 devices. It's a separate chip that's included in both phones and is dedicated solely to processing sensitive data and processes, like Verified Boot, on-device disk encryption, lock screen protections, secure transactions, and more. Google says that if researchers manage to find "a full chain remote code execution exploit with persistence" that also compromises data protected by Titan M, they are willing to pay up to $1 million to the bug hunter who finds it. If the exploit chain works against a preview version of the Android OS, the reward can go up to $1.5 million.
This discussion has been archived. No new comments can be posted.

Google Will Pay Bug Hunters Up To $1.5M if They Can Hack Its Titan M Chip More

Google Will Pay Bug Hunters Up To $1.5M if They Can Hack Its Titan M Chip

Comments Filter:

  • They need a more nichey and elite buzzword term to refer to their chip, like the fruity company does

  • And they will throw in life time hospitality in an all expenses paid resort in Siberia.

  • Still not enough. (Score:3)

    by Gravis Zero ( 934156 ) on Thursday November 21, 2019 @03:41PM (#59440286)

    Considering each government agency will pay about that much a single use, I think they should up the bounty to $50M. They have to recognize these are one-off payments where governments are willing to continually shell out money while the hack still works.

    • Riight. Right before kicking in your door, taking it back, and making you their bitch.

    • Considering each government agency will pay about that much a single use, I think they should up the bounty to $50M. They have to recognize these are one-off payments where governments are willing to continually shell out money while the hack still works.

      Governments aren't really part of the threat model, because there's basically no way to protect mass-produced hardware against nation-state attackers. Although I disagree with James Mickens' Mossad/not-Mossad [usenix.org] notion of threat models, he's not wrong when he says that if your opponent is the Mossad (or NSA, or GCHQ, or Spetssvyaz, or... ) "YOU’RE GONNA DIE AND THERE’S NOTHING THAT YOU CAN DO ABOUT IT" (his words, and his capitalization).

      If you restrict your threat model to include top-tier law

      • There's a difference between spying and killing.

        • There's a difference between spying and killing.

          Way to completely miss the point. Mickens' statement was tongue in cheek, not meant to be taken literally. But the point is that if the Mossad et al want to compromise your phone and spy on you, they absolutely will.

  • Here's our NSL. Sign, or USA PATRIOT act.

    And here's a Titan M from our own fab, with a dopant-level hardware backdoor.

    Aand here's the Chinese backdoor edition. With our backdoor on top.

    Russian one. Same same.

    EU one.

    . . .

    Damn you Mossad! *Always* are you first!
    *hangs head in depression*
    Alright. Hand them the prize.

  • Maybe Google can move all the banking stuff to this chip, so it doesn't care if your phone is rooted or not. It would be nice to have control of one's device, as well as be able to pay at the pump with NFC so you don't have to worry about skimmers.

  • "a full chain remote code execution exploit with persistence"

    I can't recall the list time I heard of such a thing, at least depending on how they define 'remote'.

    At least once upon a time, it was only 'remote' if the local user did not take any action at all to help. For example a browser exploit that required visiting a web page didn't count as 'remote' by the vocabulary of the day.

    Of course if browser page accesses do count, there have been some of those to get to rooting a device, but even then it's been a long time.

  • Now, someone remind me, what was the fault point that has caused so much data breaches and disasters in the recent years?

    was it a chip? a protocol? a piece of software?

  • Let me guess (Score:3)

    by 93 Escort Wagon ( 326346 ) on Thursday November 21, 2019 @05:16PM (#59440594)

    Are they calling this new program "Attack on Titan"?

Slashdot Top Deals

"It might help if we ran the MBA's out of Washington." -- Admiral Grace Hopper

Close