Can you imagine being paid to do something illegal out of the ordinary? That’s exactly what Google wants hackers to do. Google is interested in finding out about its security flaws in its Google Chrome browser, so they are willing to pay $1 million to anyone who can expose flaws in the browser.

There are several security categories that Google is interested in:

$60,000 – “Full Chrome exploit”: Chrome / Win7 local OS user account persistence using only bugs in Chrome itself.

$40,000 – “Partial Chrome exploit”: Chrome / Win7 local OS user account persistence using at least one bug in Chrome itself, plus other bugs. For example, a WebKit bug combined with a Windows sandbox bug.

$20,000 – “Consolation reward, Flash / Windows / other”: Chrome / Win7 local OS user account persistence that does not use bugs in Chrome. For example, bugs in one or more of Flash, Windows or a driver. These exploits are not specific to Chrome and will be a threat to users of any web browser. Although not specifically Chrome’s issue, we’ve decided to offer consolation prizes because these findings still help us toward our mission of making the entire web safer.

Google also stated that each winner would also receive a Chromebook and that there can be multiple winners in each category up to the $1 million limit.


This is an interesting strategy that many business owners are afraid to undertake. Oftentimes, business owners are afraid of exposing their product to competitors or they are unwilling to part with significant sums of money to learn about their products shortcomings. We think this is smart move on Google’s part for quality control and brand loyalty.

What do you think of Google’s contest for hackers? Would more businesses benefit from learning about flaws in their products? Leave us a comment on our Google+ wall and let us know what you think. As always, please feel free to share this with friends.

Google Chrome Logoimage credit: toprankonlinemarketing on flickr


  1. David

    According to our laws, anything written into a contract that is illegal, makes that contract unenforceable.

    So if it what the hacker has to do to find the exploit is truly illegal, the offer Google is making is not legally binding.

    One would hope they would pay up anyway, otherwise nobody would ever take them up on an offer like this again.

    • JASE Team

      I agree, David. I would hope that Google would do the right thing.

    • droope

      How is finding a flaw in some software — on top of that, with the authors consent — illegal???????

      • JASE Team

        Not “illegal” as in, against the law. “Illegal” as in, against the rules.

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>