Crackers who can peel back the layers of security in Google's Chrome OS could find themselves with a share of $π million.
Google is getting serious about its Chrome web browser and associated cloud-powered Chrome OS operating system, and it's certainly putting its money where its mouth is: the company is putting up a prize fund of several million dollars for hackers who can find flaws in its platforms.
As is usual, the company's Chrome browser - and its open-source underpinnings, Chromium - is part of the Pwn2Own contest held at the CanSecWest security conference each year. Due to kick off on the 6th of March, Pwn2Own provides hackers with brand-new, freshly-updated hardware - Windows, Mac and Linux desktops, laptops and tablets - and gives them away for free to whomever can crack their security in the shortest time. It's a win-win scenario: hackers, crackers and other security types get to show off their skills and hopefully walk away with some free hardware, while the companies behind the packages are given a heads-up on potential security flaws - and hopefully before the ne'er-do-wells get a sniff.
As well as underwriting some of the prizes in Pwn2Own for hackers targeting the Chrome browser, Google has announced that it is continuing its own crackathon dubbed Pwnium - and it's putting up $3.14159 million as a prize fund.
Designed to encourage security researchers to turn their gazes onto Chrome OS, the company's cloud-powered Linux-based operating system, Pwnium 3 provides $π million in a fund for those who are able to successfully attack the platform. Researchers who are able to able to crack the security of a Samsung Series 5 550 Chromebook running the latest Chrome OS will walk away with $110,000 for each browser- or system-level compromise delivered via a web page, or $150,000 if the exploit remains persistent between two guest logins with a reboot in the middle.
'We believe these larger rewards reflect the additional challenge involved with tackling the security defences of Chrome OS, compared to traditional operating systems,
' boasted Chris Evans, of Google's Chrome Security Team, in a blog post
detailing the event.
As with Pwn2Own, which will also target other platforms and software packages, Pwnium 3 is due to take place at the CanSecWest conference in Vancouver, BC on the 7th of March.