Win a piece of the Pi/Mega Vulnerability Prizes

Squeaky the Squirrel

Google Offers $3.14159 Million In Total Rewards For Chrome OS Hacking Contest

At its third Pwnium hacking competition in Vancouver in March, the company is ponying up a total of $3.14159 million in prizes for hackers who can demonstrate critical security vulnerabilities in its Chrome OS operating system running on a Samsung Series 5 550 Chromebook, according to a notice posted Monday on its Chromium blog.

Any participant who can take over a Chromebook user’s browser or entire computer via a malicious Web page can earn a $110,000 payout. And if the hacker can maintain persistent control over the system between reboots of the machine, he or she can win $150,000.

Kim Dotcom launches Mega vulnerability reward program, offering up to $13,500 per bug

Kim Dotcom has officially launched his Mega vulnerability reward program that was announced last week. As we reported earlier, the founder of Mega, the newly launched file storage service, is challenging anyone to report a previously unknown security-relevant bug or design flaw. The enticement? He’s offering up to €10,000 per bug (approx. US$13,580), “depending on its complexity and impact potential.”

It’s important to note that participants could receive up to €10,000 so it’s critical to understand what bugs qualify. According to the company:

• Remote code execution on any of our servers (including SQL injection)
• Remote code execution on any client browser (e.g., through XSS)
• Any issue that breaks our cryptographic security model, allowing unauthorized remote access to or manipulation of keys or data
• Any issue that bypasses access control, allowing unauthorized overwriting/destruction of keys or user data
• Any issue that jeopardizes an account’s data in case the associated e-mail address is compromised