Critics call Google bug bounty 'insulting'

Summary:In an effort to entice security researchers to look for holes in the Chrome browser, Google has announced it will pay $500 for bugs found in the code.

In an effort to entice security researchers to look for holes in the Chrome browser, Google has announced it will pay $500 for bugs found in the code.

However, several experts have said that is not enough money to motivate skilled vulnerability researchers.

"I think it's ridiculous," Charlie Miller, a senior security researcher at Independent Security Evaluators, said when asked on Monday for his opinion of Google's new bug bounty program. "It's insulting. It's so low."

Under Google's new experimental incentive program, announced on 28 January, people will get paid $500 for selected interesting and original security vulnerabilities discovered in Chrome, or $1,337 for particularly severe or clever bugs. That figure refers to the geek term for elite, or 'leet', which can be spelled out using the numbers.

For more on this story, read Microsoft, Google split over browser bug bounty on CNET News.

Topics: Google, Browser, Microsoft

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.