Summary

  • Major tech giants like Google pay researchers for finding vulnerabilities in their products.

  • Google is shutting down the Google Play Security Reward Program on August 31, 2024.

  • It will review all submitted reports before the program ends, though payouts can take a few weeks.

  • @[email protected]
    link
    fedilink
    English
    534 months ago

    It’s not like the malicious actors have stopped looking… If they are finding fewer vulnerabilities, it sounds to me they should be paying more.

    • @The_v
      link
      English
      13
      edit-2
      4 months ago

      “Due to the success of the program, vulnerabilities are harder to find. The amount we are paying is now insufficient to justify the time and effort for most researchers.”

      One year later…

      “The largest security breach ever has occured for Google…”

  • @Melonpoly
    link
    English
    294 months ago

    Short sightedness strikes again

  • @[email protected]
    link
    fedilink
    English
    284 months ago

    Translation: we really need more money to pay a bonus of some hundreds of millions to the CEO

    • sunzu2
      link
      fedilink
      14 months ago

      Sundar the creep is worth every single peny of 200 million comp!

  • @[email protected]OPM
    link
    fedilink
    English
    264 months ago

    Google is shutting down the program due to its improved security measures

    In its email, Google states that it is closing down the program because of the “overall increase in the Android OS security posture and feature hardening efforts.” This has led to researchers submitting fewer vulnerabilities than before.

    In its last annual report, Google claims to have stopped 2.28 million privacy-violating apps and banned 333,000 malicious developer accounts. Last year, it also announced major improvements to Google Play Protect, including real-time scanning for Android malware. More recently, it bolstered the Play Integrity API with in-app signals to prevent fraudulent activities.

    These improvements are evidently working and have led to fewer vulnerabilities being discovered in Android apps and the ecosystem.

    • @[email protected]
      link
      fedilink
      English
      394 months ago

      We stopped actually looking and the numbers went down so problem solved right? Very smart google, very smart.

      • @TrickDacy
        link
        English
        34 months ago

        You evidently did not read that

    • @TrickDacy
      link
      English
      264 months ago

      Seems kind of weird to me that they want to shut down a program because it worked too well. “we don’t want to pay people to find problems because we don’t have to pay them as much lately”

    • @NarrativeBear
      link
      English
      164 months ago

      On another note all new homes and buildings no longer need fire alarms or sprinklers as deaths related to fire have gone down.

      Buildings are not burning down as much as they once did. So no need to spend money and time on fire safety and protection equipment. /s

  • @ikidd
    link
    English
    234 months ago

    Google has defeated all possible vulnerabilities! Huzzah!

  • @[email protected]
    link
    fedilink
    English
    224 months ago

    In its email, Google states that it is closing down the program because of the “overall increase in the Android OS security posture and feature hardening efforts.” This has led to researchers submitting fewer vulnerabilities than before.

    1. Vulnerabilities are found, which shows that the program is successful and needed.
    2. No vulnerabilities are found, no money will have to leave Google.

    Keeping the program will reap the benefits from both no. 1 and no.2 while closing down the program only enables no.2.

    Not hard to see the priorities here…

  • @flop_leash_973
    link
    English
    19
    edit-2
    4 months ago

    “It is so secure we don’t even need to check it anymore.”

    MBA idiot says right before something they are in charge of gets compromised because some hacker took such a statement as a challenge.