Search engine giant Google will offer $2.7 million to researchers who can hack its browser-based operating system, Chrome OS, as part of its Pwnium hacking contest to be held in March.
“Security is a core tenet of Chromium, which is why we hold regular competitions to learn from security researchers. Contests like Pwnium help us make Chromium even more secure,” Google said in a blogpost.
This year, Pwnium 4, will be hosted in March at the CanSecWest security conference in Vancouver, Canada.
“With a total of $2.71828 million in the pot, we’ll issue Pwnium rewards for eligible Chrome OS exploits at $110,000 for browser or system-level compromise in guest mode or as a logged-in user, delivered via a web page,” it said.
Google will also pay $150,000 for providing an exploit to be able to persistently compromise an HP or Acer Chromebook, i.e. hacking the device to retain control even after a reboot.
The earlier editions of Pwnium competitions focussed on Intel-based Chrome OS devices, but this year Google will allow researchers to also choose from ARM-based Chromebook, the HP Chromebook 11 (WiFi) and the Acer C720 Chromebook (2GB WiFi) based on Intel’s Haswell microarchitecture.
Last year, Google had put $3.14159 million in the pot for Pwnium 3.
Google said it would consider larger bonuses this year to researchers who demonstrated what it called a "particularly impressive or surprising exploit".
“New this year, we will also consider significant bonuses for demonstrating a particularly impressive or surprising exploit. Potential examples include defeating kASLR, exploiting memory corruption in the 64-bit browser process or exploiting the kernel directly from a renderer process,” it said.