Skip to main content

Google guves Rs 71 lakh to Chinese researchers for Pixel devices

Google awarded over  USD 112,000 to a Chinese security researcher for reporting an exploit in Google Pixel smartphones.
The Android security team posted in the Google developers forum that Guang Gong of Alpha Team, Qihoo 360 Technology Co. Ltd. had submitted a working remote exploit chain in August 2017. This was the first such exploit since the expansion of Android Security Rewards (ASR) program.
“For his detailed report, Gong was awarded USD 105,000, which is the highest reward in the history of the ASR program and USD 7,500 by Chrome Rewards program for a total of USD 112,500,” Mayank Jain and Scott Roberts wrote for the Android security team.

Gong in a blog post also outlined the bugs he and his team discovered.
The issues reported by Gong and others as well were resolved as part of the December 2017 monthly security update. The company thanked researcher community for their contributions.
All pixel devices will automatically install these updates however the users need to restart their devices to complete the installation.
The internet giants through its Android security rewards program recognises the contributions of security researchers who invest their time and effort in identifying bugs and vulnerabilities. The program covers security vulnerabilities discovered in the latest available Android versions for Pixel phones and tablets. Currently, Pixel 2, Pixel, Pixel XL, Pixel C are the devices under the program.
Last year, rewards were increased under the program. Rewards for a remote exploit chain or exploit leading to TrustZone or Verified Boot compromise was increased from USD 50,000 to USD 200,000. Whereas, rewards for a remote kernel exploit increase from USD 30,000 to USD 150,000.

Labels:

Comments

Post a Comment

Popular posts from this blog

Train 18, Indian Railways first engine-less train, to take passengers to India’s 1st world-class station!

Indian Railways first world-class semi-high speed train set will take passengers to India's first world-class railway station at Habibganj! While Train 18 is expected to roll out this month, the redevelopment work at Habibganj railway station is expected to be over by December end this year. From January 2019,  Indian Railways ’ first engine-less train – Train 18 – will most likely replace India’s fastest Shatabdi Express on the Delhi-Bhopal route. What makes this development more special is the fact that the final destination of the Delhi-Bhopal Shatabdi Express is Habibganj – the first Indian Railways station that is being developed as a world-class transit hub. To put it simply, Indian Railways first world-class semi-high speed train set will take passengers to India’s first world-class railway station at Habibganj! While Train 18 is expected to roll out this month, the redevelopment work at Habibganj railway station is expected to be over by December end this year. Be...
Post a Comment
Read more

Five products we wanted to see, but Apple didn’t launch last week

From the iPad Mini 5 to AirPods 2, here's everything Apple didn't announce at last week's event in New York. Apple   announced a new MacBook Air with Retina Display, an all-new iPad Pro, the second-generation Apple Pencil, and the first major Mac Mini update in years last week. However, several rumoured products were missing from the presentation. There was no mention of its wireless charging pad AirPower neither we get to hear about the next iPad Mini. But then these were always rumours and Apple hadn’t even hinted at working on some of these products. But some of these were logical products for Apple to have released. Here is a list of products we would have loved to see from Apple. Apple iPad Mini 5 The last time Apple released a mini version of the iPad was in September 2015 when it introduced the iPad Mini 4. Ever since then we are still waiting for Apple to release a new version of a small screened tablet. While the company did briefly mention about the iPad...
Post a Comment
Read more

The big hack: How China used a tiny chip to steal data from US companies like Amazon, Apple

Apple made its discovery of suspicious chips inside Supermicro servers around May 2015, after detecting odd network activity and firmware problems, according to a person familiar with the timeline. Amazon in its three-year secret investigation uncovered the malicious chips while examining servers manufactured by a start-up called Elemental technologies, which Amazon eventually acquired. Bloomberg  reported that China had inserted tiny chips into computer equipment manufactured for about 30 US companies, including Apple and Amazon, to steal its technology secrets, citing government and corporate sources. The report further said that the chips were used in equipment made for various US companies and government agencies. According to  Bloomberg,  Amazon in its three-year secret investigation uncovered the malicious chips while examining servers manufactured by a start-up called Elemental technologies, which Amazon eventually acquired Bloomberg  ...
Post a Comment
Read more