While Google has vast resources of its own to find security vulnerabilities, the company has long embraced the idea of paying security researchers for finding flaws. In 2015 alone, Google paid out $2 million in bug bounties to more than 300 security researchers.
“Last year we gave out a lot of money to a lot of people for a lot of bugs,” Somogyi said.
And in 2016, Google is on track to give out even more money, he said. In March, Google increased the top reward it pays out for a Chrome OS vulnerability from $50,000 to $100,000 for the persistent compromise of a Chromebook in guest mode.
“With great research comes great rewards,” Somogyi said.
Google also isexpanding and improving the efficacy of its Safe Browsing technology. Safe Browsing warns both desktop and mobile browser users of potentially malicious sites. Somogyi noted that this year, Google is extending even more Safe Browsing protections, for malware and social engineering in Chrome on Android.
“Safe browsing today protects well over 2 billion devices,” he said.
In terms of best practices, Somogyi suggests that users don’t reuse passwords across services. This is something Google’s Project Abacus aims to help with. Abacus is an approach for password-less access that was first discussed at Google I/O in 2015. Google plans to roll out Abacus-based log-ins to Android by the end of the year.
While using stronger passwords (or a password replacement technology), safe browsing and paying security researchers to find bugs are all good things, Somogyi said installing updates is one of the best ways to keep users safe.
Security is a complex challenge with many unknowns, but there are many known bad items, too. While zero-day risks are a concern, good password practices and keeping users updated are likely two of the best tools to help Google achieve its mission of Do No Evil—and the broader mission of not letting evil happen to its users either.
Originally published on eWeek.
Page: 1 2
Judge Kaplan praises former FTX CTO Gary Wang for his co-operation against Sam Bankman-Fried during…
Explore the future of work with the Silicon In Focus Podcast. Discover how AI is…
Executive hits out at the DoJ's “staggering proposal” to force Google to sell off its…
US prosecutors confirm earlier reports, demand Google sells off Chrome web browser and end default…
Following Australia? Technology secretary Peter Kyle says possible ban on social media for under-16s in…
Restructuring expert appointed to oversea Northvolt's main facility in northern Sweden, amid financial worries