Hack A Chromebook for $100,000
Written by Alex Armstrong   
Tuesday, 22 March 2016

Google has doubled the reward payable for a persistent compromise of a Chromebook in guest mode. It has also introduced a new reward for bypassing Chrome's Safe Browsing download protection features.

Google's existing rewards for Chrome hacks are unchanged from when we last reported on them and, together with the new reward in its final line, are outlined in this table.

 High-quality report with
functional exploit [1]		High-quality report [2]Baseline [3]Low-quality report [4]
Sandbox Escape [5] $15,000 $10,000 $2,000 - $5,000 $500
Renderer Remote Code Execution $7,500 $5,000 $1,000 - $3,000 $500
Universal XSS (local bypass or equivalent) $7,500 $5,000 N/A N/A
Information Leak $4,000 $2,000 $0 - $1000 $0
Download Protection bypass [6] N/A $1,000 $0 - $500 $0


[1] A high-quality report with a reliable exploit that demonstrates that the bug reported can be easily, actively and reliably used against users.

[2] A report that includes a minimized test case and the versions of Chrome affected by the bug. You will also demonstrate that exploitation of this vulnerability is very likely (e.g. good control of EIP or another CPU register). Your report should be brief and well written with only necessary detail and commentary.

[3] A minimized test case or output from a fuzzer that highlights a security bug is present.

[4] A report submitted with only a crash dump, without a Proof of Concept (PoC) or with a poor quality PoC (e.g. a 1MB fuzz file dump with no attempt at reduction) that is later verified to be a legitimate issue.

[5] Escaping any layer of the sandbox (including the NaCl sandbox) will be considered as a sandbox escape.

[6] Landing a blacklisted test binary on disk where a typical user could execute it, on Mac or Windows. The file type on disk must lead to non-sandboxed code execution after minimal user interaction with the file. 


Google's Security Reward Program is successful both for Google and for security researchers as indicated that since it was initiated in 2010 over $6 million has been paid out to over 300 recipients with over 750 payouts totalling over $2 million last year.

 

googlebugbounty

 

However since Google introduced a reward of $50,000 for hacking a Chromebook no-one has made a successful submission - prompting Google to double the amount of money on offer to $100,000. This is available all year round with no quotas and no maximum reward pool for compromising a Chromebook or Chromebox with device persistence in guest mode (i.e. guest to guest persistence with interim reboot, delivered via a web page). 

This increased reward is a reflection of the fact that Chrome is getting harder to hack. It came out as the most secure web browser at last week's Pwn2Own. One attack on it failed and while another was successful it used a  vulnerability that had already been reported.   

 

More Information

Chrome Reward Program Rules

 

Related Articles

Google Increases Maximum Bounty For Chrome Bugs

Pwn2Own 2016 - The Results

Largest Payout Ever At Pwn2Own 2015 

Chrome Hacked Twice at CanSecWest

Chrome Safe In Pwn2Own Contest

Chrome, IE and Firefox Hacked

 

To be informed about new articles on I Programmer, sign up for our weekly newsletter, subscribe to the RSS feed and follow us on, Twitter, FacebookGoogle+ or Linkedin.

 

Banner

NVIDIA Releases Free Courses On AI
19/04/2024

NVIDIA has jumped on the AI bandwagon in a big way. Hardware aside, this means working on training material too. Several self- paced courses have been released and for free too!


+ Full Story
Quantum Computing Prize Awarded
05/04/2024

John Preskill, Professor of Theoretical Physics at the California Institute of Technology, is the eighth recipient of the John Stewart Bell Prize for Research on Fundamental Issues in Quantu [ ... ]


+ Full Story
More News

 

raspberry pi books

 

Comments




or email your comment to: comments@i-programmer.info
Last Updated ( Tuesday, 22 March 2016 )