Google to recruit hackers to hunt down future Heartbleed bugs

Security

by Byomakesh Biswal| 16 July 2014

The bugs discovered by the researchers will be filed in an external database.

Google has launched 'Project Zero', with which it will recruit a team of talented hackers to discover vulnerabilities in Internet security that expose Internet users to cyber attacks.

The company said that the objective of the project is to reduce the number of Internet users harmed by targeted attacks.

Project Zero researchers will work to improve the security of any software depended upon by large numbers of people, probing into the techniques, targets and motivations of attackers.

The researchers will adopt standard approaches, such as locating and reporting large numbers of vulnerabilities, as well as conduct new research into mitigations, exploitation, programme analysis.

Google researcher herder Chris Evans said: "We're hiring the best practically-minded security researchers and contributing 100% of their time toward improving security across the Internet.

"Yet in sophisticated attacks, we see the use of 'zero-day' vulnerabilities to target, for example, human rights activists or to conduct industrial espionage. This needs to stop. We think more can be done to tackle this problem."

If any bug is discovered by the researchers, it will be filed in an external database, while the bugs found in software will be notified to the vendor without disclosing to any third party.

Evans said: "Once the bug report becomes public (typically once a patch is available), you'll be able to monitor vendor time-to-fix performance, see any discussion about exploitability, and view historical exploits and crash traces.

"We also commit to sending bug reports to vendors in as close to real-time as possible, and to working with them to get fixes to users in a reasonable time."

Comments
Post a comment

Comments may be moderated for spam, obscenities or defamation.

Join our network

756 people like this.
0 people follow this.

Security Intelligence

Privcy Policy

We have updated our privacy policy. In the latest update it explains what cookies are and how we use them on our site. To learn more about cookies and their benefits, please view our privacy policy. Please be aware that parts of this site will not function correctly if you disable cookies. By continuing to use this site, you consent to our use of cookies in accordance with our privacy policy unless you have disabled them.