Google Chrome has a good performance record in the pwn2own annual conferences. This year, the team has come with some attractive offers for those who can hack Chrome, you can win up to $1 million if you are successful. Here are the hi-lights from the Chromium blog post.
While weâ€™re proud of Chromeâ€™s leading track record in past competitions, the fact is that not receiving exploits means that itâ€™s harder to learn and improve. To maximize our chances of receiving exploits this year, weâ€™ve upped the ante. We will directly sponsor up to $1 million worth of rewards in the following categories:
$60,000 – â€œFull Chrome exploitâ€: Chrome / Win7 local OS user account persistence using only bugs in Chrome itself.
$40,000 – â€œPartial Chrome exploitâ€: Chrome / Win7 local OS user account persistence using at least one bug in Chrome itself, plus other bugs. For example, a WebKit bug combined with a Windows sandbox bug.
$20,000 – â€œConsolation reward, Flash / Windows / otherâ€: Chrome / Win7 local OS user account persistence that does not use bugs in Chrome. For example, bugs in one or more of Flash, Windows or a driver. These exploits are not specific to Chrome and will be a threat to users of any web browser. Although not specifically Chromeâ€™s issue, weâ€™ve decided to offer consolation prizes because these findings still help us toward our mission of making the entire web safer.
All winners will also receive a Chromebook.