Google Play Store Offers Bug Bounty Program

While it might sound like shooting fish in a barrel – Google Play is working with HackerOne on a bug bounty program to find vulnerabilities in “in-scope” applications distributed through the Play Store. The number of apps in scope is limited but is expected to expand over time and covers remote-code-execution vulnerabilities and corresponding Proofs of Concept that work on Android 4.4 devices and higher.

For a while now, we’ve known that poorly coded or deliberately vulnerable apps have been distributed through the Play Store. But a number of developers of apps including Alibaba, Dropbox, Duolingo, Headpsace, Line, Mail.Ru, Snapchat and Tinder are looking to the community to help them find dodgy code.

The Play Security Rewards Program will evaluate each submission with rewards of $1000 rewarded for submissions that meet the evaluation criteria.

You can read more about the program at Hackerone.

One of the benefits of bug bounty programs is that hackers that are teetering on the edge of working on illegal causes can be tempted to put their efforts to good use and help the community. The rewards offered in this program are solid and, although the scope is limited, will incentivise some positive action.

The Cheapest NBN 50 Plans

Here are the cheapest plans available for Australia’s most popular NBN speed tier.

At Lifehacker, we independently select and write about stuff we love and think you'll like too. We have affiliate and advertising partnerships, which means we may collect a share of sales or other compensation from the links on this page. BTW – prices are accurate and items in stock at the time of posting.


Leave a Reply