Kamar yadda yawancinku za su sani, Shirye-shiryen falala mai rauni na Chrome ya ba kowa lada don ganowa kai tsaye da kuma bayar da rahoton matsalolin tsaro na burauzan.
Google kwanan nan ya sanar, a cikin wani sako a shafinsa na tsaro, wanda yanzu yana ƙaruwa da yawa daga "Shirye-shiryen Bada Tukuici na Chrome," tare da lada kan rahotanni masu inganci ya karu zuwa $ 30,000 kuma kari don nemo sasantawa a cikin Chrome OS an sake tantance shi da $ 150,000.
Google yace hakan Manyan bayanai game da ƙaruwar garambawul ɗin bug sun haɗa da ninka lada mafi girma don rahoton da ake kira "na asali" tare da ɗan bayani kaɗan daga $ 5,000 zuwa $ 15,000.
Matsakaicin biya don abin da ake kira 'inganci mai kyau', tare da ɗimbin bayanan da ke bayani, alal misali, yadda masu fashin baƙi za su iya yin amfani da kwaro, menene asalinsa ko yadda za a iya magance shi, an ma ninka shi. Daga $ 15,000 zuwa $ 30,000, a cewar labarin blog na Tsaron Chrome.
Mafi yawan adadin har yanzu saboda gano yanayin rauni a cikin Chrome OS, Tsarin software na Google don Chromebook ko Chromebox.
A wannan matakin, Google ya kuma ƙara lada zuwa $ 150,000 ga masu bincike waɗanda za su gano hare-haren da za su iya sasanta Chromebook ko Chromebox. Kuskuren tsaro da aka samo a cikin firmware da / ko wanda ke bawa maharan damar tsallake allon kulle Chrome OS suma suna biya, a cewar shafin yanar gizon.
Google ya kirkiro tsarin kyaututtukan buginsa tun shekara ta 2010. Zuwa yau, Google ya karbi rahotannin kwari sama da 8,500 kuma ya biya masu binciken dala miliyan 5. Canji na farko zuwa asalin bayar da kyautar an yi shi ne a watan Satumbar 2014, shekaru hudu bayan ƙaddamar da shirin.
Kuma a wancan lokacin, shirin Google na kwaro na Chrome ya biya sama da dala miliyan 1.25 ga masu binciken tsaro wadanda suka gano kura-kurai sama da 700 a masarrafar su, amma Google ya gano cewa wannan bai isa ba. Shekaru biyar bayan haka, adadin rahotanni sun ƙaru daga 700 zuwa 8.500 kuma Google ya yanke shawarar ninka lambobin ninki uku.
Baya ga haɓaka da aka ambata a sama, Ku tafiogle ma ya kara ladan gwajin fuzz -
Samfurin software don manufar gano shigarwar matsala. A cewar shafin yanar gizon, "Karin kyautar ga kwari da masu fuzz masu gudanar da shirin Chrome Fuzzer suka samu ya ma ninka zuwa $ 1,000."
Arin ya kuma shafi adadin da aka biya wa masu bincike ta hanyar shirin lada na tsaro na Google Play.
A zahiri, ladar kurakuran aiwatar da lambar kurakurai sun tashi daga $ 5,000 zuwa $ 20,000, satar bayanan sirri marasa tsaro daga $ 1,000 zuwa $ 3,000, da samun damar abubuwan haɗin aikace-aikace masu kariya daga $ 1,000 zuwa $ 3,000.
Kari kan hakan, idan ka bayyana rashin dacewar masu kirkirar aikace-aikacen da ke cikin '' aiki '', za ka samu garabasa, a cewar Google.
Da ke ƙasa akwai sabon jerin haɓaka da tsohuwar teburin ƙarancin bug. Tukuici don kurakuran tsaro masu cancanta yawanci daga $ 500 zuwa $ 150,000.
Kuma shine wannan motsi yana nufin shigar da rahotanni a hannunsu da farko, tunda ba kamfanonin fasaha bane kawai ke ba da lada ga masu farautar ɓari, amma gwamnatoci da masu aikata laifi ma suna biyan kuɗi don lahani, waɗanda za su iya amfani da su a ayyukan kamar leken asiri. Da kuma satar bayanan sirri.
A cikin rubutun blog, Google ya kuma bayyana abin da ya ɗauki rahoto mai inganci kuma ya sabunta nau'ikan kuskuren don sauƙaƙa wa masu bincike.
"Mun kuma fayyace abin da muke dauka a matsayin rahoto mai inganci, don taimaka wa 'yan jarida su samu gagarumar lada, kuma mun sabunta nau'ikan kuskuren don kara nuna ire-iren kurakuran da aka ruwaito kuma hakan ya fi shafar mu," In ji kamfanin.
Google ya ce wannan ƙarin wa masu farautar kwari na Chrome za su yi amfani da abubuwan da aka gabatar ne bayan rubutun su. Kuna iya samun ƙarin cikakkun bayanai game da haɓaka nan.
Source: https://security.googleblog.com/
Yaya zan yi rahoton kwaro?