Google offers $1 million prize to hack Chrome
"The aim of our sponsorship is simple: we have a big learning opportunity when we receive full end-to-end exploits," Chris Evans and Justin Schuh of Google Chrome's security team said in a blog post.
"Not only can we fix the bugs, but by studying the vulnerability and exploit techniques we can enhance our mitigations, automated testing, and sandboxing. This enables us to better protect our users."
Three prize categories have been created:
Called Pwn2Own, the contest will target four web browsers: Microsoft Internet Explorer, Apple Safari, Google Chrome and Mozilla Firefox. Computers must be running on the latest, updated version of Windows 7 or Mac OS X Lion.
$60,000 - "Full Chrome exploit": Chrome / Win7 local OS user account persistence using only bugs in Chrome itself.
$40,000 - "Partial Chrome exploit": Chrome / Win7 local OS user account persistence using at least one bug in Chrome itself, plus other bugs.
$20,000 - "Consolation reward, Flash / Windows / other": Chrome / Win7 local OS user account persistence that does not use bugs in Chrome.
According to Ars Technica, "Chrome is currently the only browser eligible for Pwn2Own never to be brought down."