“Today, we are introducing an experimental new incentive for external researchers to participate. We will be rewarding select interesting and original vulnerabilities reported to us by the security research community. For existing contributors to Chromium security — who would likely continue to contribute regardless — this may be seen as a token of our appreciation.
“In addition, we are hoping that the introduction of this program will encourage new individuals to participate in Chromium security. The more people involved in scrutinizing Chromium’s code and behavior, the more secure our millions of users will be.”
To cut a long story short, Google is going to pay you anything from $500 to $1337 for the discovery of security vulnerabilities in either Google Chrome the browser or Chromium the code base. What is the objective I hear you ask? Well Google says they want to see more and more people get involved in the Chromium project and also to make the browser a lot safer.
The natural reason I can think of for this move is to get Chrome the browser well prepped for the uphill task of its metamorphoses into an OS. What would be more embarrassing than a ChromeOS full of security bugs and leaks?
I also think it is a welcome news for those really great developers and programmers out there that spend time bringing those security vulnerabilities to light. This move, Google acknowledges is influenced by the Mozilla
Security Bug Bounty Program. So if you want some cool cash, then keep an eye out for some security flaws in Google Chrome and you could have a great time.