Need IT Services? Call Now : (209) 920-4077

Google has implemented a project to encourage assistance in collecting potential vulnerabilities for its Nexus line of mobile devices, with some considerable prizes associated with it.

b2ap3_large_google_nexus_hack_400 (1)Called the Project Zero Prize contest, contestants must be able to hack into a Nexus 6P and a Nexus 5X with nothing but the phone numbers and associated email addresses. Additionally, any vulnerability found must be capable of executing codes on each device remotely after a message (either email or text) is opened. Simple, right?

Not really, and that’s probably because Google is running more than just your run-of-the-mill bug bounty initiative. Google also wants to collect information on the bugs; how they work, and what methods they can use to improve protections against just these types of exploits.

As for prizes, Google is offering three top prizes awarded on a first-come, first-serve basis. Worth $200,000 for first, $100,000 for second, and “at least” $50,000 for third, the cash prizes come with the opportunity to produce a guest post on their Project Zero Blog.

By holding this competition, Google is taking advantage of the full benefits of crowdsourcing. Rather than waiting to solve a problem after it is discovered and having to pay an entire team to reach a resolution for the single issue, Google can now get in front of a potentially much larger group of vulnerabilities and gain a head start in fixing them, for what is very likely a much cheaper price for them to pay in the long run.

RJ PRO utilizes a similar strategy to determine security weaknesses for our clients. By utilizing a process known as penetration testing, potential (or current) vulnerabilities in systems and networks are located and identified in order to better protect your systems from malicious intrusions in the future.