Google is hoping the answer is “Yes”. The search giant is offering a reward of $500-$1337 for each bug, or vulnerability, you can find in its Chromium code (the code base for Google’s Chrome browser).
Google is calling the offer an “experimental new incentive” designed to ensure that its Chrome browser is in fighting form to compete with Mozilla’s Firefox. Google is not only competing with Mozilla, it’s copying their Mozilla Security Bug Bounty Program. But, in true Google form, the Chromium security incentive one-ups Mozilla’s by more than doubling the bounty (Mozilla pays $500).
To qualify for the incentive, you need only be clever enough to find the bug and report it to Google. If it’s a bonafide bug, and one that hasn’t already been identified, you’ll qualify for $500-$1337. To get the $1337 bounty, you’ll need to find particularly well-hidden bugs.
To learn more about Google’s incentive, visit http://blog.chromium.org/2010/01/encouraging-more-chromium-security.html.
To learn more about Mozilla’s Bug Bounty Program, visit http://www.mozilla.org/security/bug-bounty.html.