Since its release, Google has touted that Chrome OS is incredibly secure and can be used for any type of use case. In a blog post on the Chromium Blog, the company announced today that it is offering a total of $2.71 million USD to anyone that exploit Chrome OS. In order to compete for a portion of that pot, developers have travel to the CanSecWest security conference in Vancouver, which takes place in March.
The criteria for this Pwnium contest, which Google has been holding for years, is pretty specific. Developers and hackers won’t get money for exploiting any portion of the operating system. Instead, Google has guidelines for how much they will be paid, depending on how deep the exploit is.
- $110,000 USD: browser or system-level compromise in guest mode or as a logged-in user, delivered via a web page.
- $150,000 USD: compromise with device persistence: guest to guest with interim reboot, delivered via a web page.
Google will also consider cash bonuses for demonstrating a particularly impressive or surprising exploit. Hackers will be able to choose between the Haswell-based Acer C720 and the ARM-based HP Chromebook 11.
If this sounds like something you want to try, Google requires that interested parties register ahead of the even by emailing firstname.lastname@example.org. Registration will close at 5:00 P.M PST on March 10th.