Njengoba abaningi benu bazokwazi, Uhlelo lwe-Chrome lokuba sengozini yokuba sengozini luvuza wonke umuntu ngokuthola ngokuqondile nokubika izinkinga zokuphepha zesiphequluli.
I-Google isanda kumemezela, kokuthunyelwe kubhulogi lakhe lezokuphepha, manje eseyanda ngokwanda kusuka ku- "Chrome Vulnerability Rewards Program," ngomvuzo wemibiko esezingeni eliphakeme ukhuphuke waya ku- $ 30,000 futhi ibhonasi yokuthola ukuyekethisa ku-Chrome OS iphinde yahlolwa ngo- $ 150,000.
AbakwaGoogle bakusho lokho Okuvelele kokwanda kwamabhonasi e-bug kufaka phakathi kathathu umvuzo omkhulu ngombiko obizwa "ngesisekelo" ngemininingwane emincane kakhulu kusuka ku- $ 5,000 kuya ku- $ 15,000.
Ukukhokhelwa okuphezulu kombiko obizwa ngokuthi "wekhwalithi ephezulu", kunenqwaba yolwazi echaza, isibonelo, ukuthi abaduni bangayisebenzisa kanjani le bug, ukuthi imvelaphi yayo, noma ukuthi ingaxazululwa kanjani, nayo iphindwe kabili. Kusuka ku- $ 15,000 kuya ku- $ 30,000, ngokusho kwendatshana yebhulogi le-Chrome Security.
Isamba esikhulu sisabangelwa ukutholakala kobungozi ku-Chrome OS, Ingxenyekazi yesoftware yakwaGoogle yeChannelbook noma iChannelbox.
Kuleli zinga, I-Google futhi inyuse umklomelo wayo waba ngu- $ 150,000 wabaphenyi abazothola ukuhlaselwa okungabeka engozini i-Chromebook noma i-Chromebox. Izimbungulu zokuphepha ezitholakala ku-firmware kanye / noma ezivumela abahlaseli ukudlula isikrini sokukhiya se-Chrome OS nabo bayakhokha, ngokusho kweposi le-blog.
I-Google idale uhlelo lwayo lwe-bug bonus kusukela ngo-2010. Kuze kube manje, i-Google ithole imibiko yeziphazamisi engaphezu kuka-8,500 5 futhi abaphenyi abakhokhelwayo bangu- $ 2014 million. Ushintsho lokuqala kwisisekelo semiklomelo lwenziwa ngoSepthemba XNUMX, eminyakeni emine ngemuva kokwethulwa kohlelo.
Futhi ngaleso sikhathi, uhlelo lwe-Google Chrome lwe-bug lwalukhokha ngaphezulu kuka- $ 1.25 million kubaphenyi bezokuphepha abathole izimbungulu ezingaphezu kuka-700 esipheqululini sabo, kepha iGoogle yathola ukuthi lokhu kwakunganele. Eminyakeni emihlanu kamuva, inani lemibiko lenyuka lisuka ku-700 laya ku-8.500 kanti iGoogle yanquma ukuphinda imiklomelo kathathu.
Ngaphezu kokunyuka okukhulunywe ngenhla, GoI-ogle nayo inyuse imivuzo yokuhlolwa kwe-fuzz (noma ukuhlolwa okungahleliwe), inqubo yokuhlola isoftware abazingeli be-bug abayisebenzisayo ukuphonsa idatha engahleliwe kokufakwayo.
Umkhiqizo wesoftware ngenhloso yokuthola okufakiwe kwenkinga. Ngokusho kweposi le-blog, "Ibhonasi eyengeziwe yezimbungulu ezitholwe ama-fuzzers asebenzisa uhlelo lwe-Chrome Fuzzer nayo iphindwe kabili yaya ku- $ 1,000."
Ukukhuphuka futhi kuthinte amanani akhokhelwe abacwaningi ngohlelo lwemiklomelo yokuphepha ye-Google Play.
Eqinisweni, imivuzo yamaphutha wokusebenzisa amakhodi akude inyuke isuka ku- $ 5,000 yaya ku- $ 20,000, ukwebiwa kwedatha yangasese engaphephile kusuka ku- $ 1,000 kuya ku- $ 3,000, nokutholakala kwezingxenye zohlelo lokusebenza oluvikelwe kusuka ku- $ 1,000 kuya ku- $ 3,000.
Ngokwengeziwe, uma udalula ukuba sengozini konjiniyela bezinhlelo ababambe iqhaza ngendlela "enesibopho", uzothola ibhonasi, ngokusho kwe-Google.
Ngezansi uhlu olusha olwengezelwe netafula lebhonasi elidala. Imivuzo efanelekile yeziphazamiso zokuphepha imvamisa isukela ku- $ 500 iye ku- $ 150,000.
Futhi ukuthi le nhlangano ihlose ukuthi le mibiko ifinyelele ezandleni zabo kuqala, ngoba hhayi izinkampani zobuchwepheshe kuphela eziklomelisa abazingeli bezimbungulu, kodwa ohulumeni nezigebengu nabo bakhokhela ubungozi, abangabusebenzisa emisebenzini enjengeyobunhloli. Nokwebiwa kwemininingwane.
Eposini le-blog, I-Google iphinde icacise ukuthi ithatha ini njengombiko osezingeni eliphakeme futhi ivuselele imikhakha yamaphutha ukwenza kube lula kubacwaningi.
"Siphinde sakucacisa lokho esikuthatha njengombiko osezingeni eliphezulu, ukusiza izintatheli zithole umklomelo ophakeme kakhulu, futhi sibuyekeze izigaba zamaphutha ukuze zibonise kangcono izinhlobo zamaphutha abikiwe nezisithakasela kakhulu," esho kusho inkampani.
AbakwaGoogle bathi lokhu kwanda kwabazingeli be-Chrome bug kuzosebenza kokuthunyelwe okuthunyelwe ngemuva kokuthunyelwe kwebhulogi labo. Ungathola imininingwane eminingi ngokwanda lapha.
Umthombo: https://security.googleblog.com/
Ngisibika kanjani isiphazamisi?