Google is organizing a second event centered around for the hacking of its own solutions, Chrome browser. The firm promises rewards ranging from 40000 to 60000 dollars for those discovering security vulnerabilities in its browser.
After the contest organized by Google Pwnium, parallel sessions Pwn2Own, the U.S. firm announces a second event dedicated to hacking and security. Soberly named as Pwnium 2, it will be held on October 10 in Kuala Lumpur (Malaysia) and bring together those who want to "break" of Chrome browser.
Google promises a total reward of $2 million in bonuses and class in 4 distinct categories. These are well presented in a note posted on the official blog of Chromium:
- $60,000: “Full Chrome exploit”: Chrome / Win7 local OS user account persistence using only bugs in Chrome itself.
- $50,000: “Partial Chrome exploit”: Chrome / Win7 local OS user account persistence using at least one bug in Chrome itself, plus other bugs. For example, a WebKit bug combined with a Windows kernel bug.
- $40,000: “Non-Chrome exploit”: Flash / Windows / other. Chrome / Win7 local OS user account persistence that does not use bugs in Chrome. For example, bugs in one or more of Flash, Windows or a driver.
A final category called “Incomplete exploit” is set up by the organizers. It can reward (of an amount decided by the jury) a feat chain execution is, for example, not complete.
The latest version of Chrome will be used and participants will be offered an Acer Aspire V5-571-6869 for their demonstration. Anyone who has done the best demonstration will walk away with this laptop.