id2967396acerchromebook3100605416orig
Security

Google has doubled its bounty for a Chromebook hack to US$100,000

Google doubled the bounty it will pay for a successful exploit of its Chromebook laptop to US$100,000, sweetening the pot in hopes of drawing more attention from security researchers.

The larger reward is intended for someone who finds a persistent compromise of a Chromebook in guest mode, according to Google's security blog on Monday.

"Since we introduced the $50,000 reward, we haven’t had a successful submission," Google wrote. "That said, great research deserves great awards, so we’re putting up a standing six-figure sum, available all year round with no quotas and no maximum reward pool."

In guest mode, Chromebook has its highest defenses up: A guest can download files but can't install apps, even from Google's store. Creating malicious applications is one way attackers can try to install malware on a person's computer.

Google has put in place several security measures to make Chromebooks more secure. It automatically downloads software updates, runs Web pages and applications in sandboxes and does a "verified boot" on startup, which will roll back the OS if it has been tampered with by malware.

Google describes what is needed for the top reward: The compromise, delivered through a Web page, must persist in guest mode even when the Chromebook is rebooted.

The company has also added a reward for attacks that can bypass Chrome's Safe Browsing feature, which flags potentially malicious URLs.

IDG Insider

PREVIOUS ARTICLE

« AMD's Radeon Pro Duo is a monster graphics card

NEXT ARTICLE

J.J. Abrams gives SXSW a sneak peek at his new series Westworld »
author_image
IDG Connect

IDG Connect tackles the tech stories that matter to you

  • Mail

Recommended for You

How to (really) evaluate a developer's skillset

Adrian Bridgwater’s deconstruction & analysis of enterprise software

Unicorns are running free in the UK but Brexit poses a tough challenge

Trevor Clawson on the outlook for UK Tech startups

Cloudistics aims to trump Nutanix with 'superconvergence' play

Martin Veitch's inside track on today’s tech trends

Poll

Is your organization fully GDPR compliant?