Google akan membayar sejumlah wang yang berjumlah antara USD$500 hingga USD$3133.70 kepada individu yang dapat mencari “Vulnerability” atau kelemahan pada webnya yang boleh memberi peluang kepada penggondam mengganggu website mereka. Antara web yang termasuk dalam senarai adalah Google.com, youtube.com dan orkut.com serta blogger.com.
Walaupun begitu, terdapat beberapa bug atau error yang diambil kira oleh Google. Antaranya adalah:
- XSS
- XSRF / CSRF
- XSSI (cross-site script inclusion)
- Bypassing authorization controls (e.g. User A can access User B’s private data)
- Server side code execution or command injection
Jika anda adalah pakar dalam bidang ini, anda boleh mula menganalisis web yang telah saya sebutkan dan anda boleh melaporkan kepada Google disini pada seksyen “Reporting Security Issues”. Jika anda berjaya menemui “Vulnerabilities” , anda akan memerima wang tunai dan pernghargaan dari pihak Google. Mereka akan meletakkan nama anda pada seksyen “We Thank You”.
Monday, November 1, 2010 12:30 PM
Posted by Chris Evans, Neel Mehta, Adam Mein, Matt Moore, and Michal Zalewski; Google Security Team
Back in January of this year, the Chromium open source project launched a well-received vulnerability reward program. In the months since launch, researchers reporting a wide range of great bugs have received rewards — a small summary of which can be found in the Hall of Fame. We’ve seen a sustained increase in the number of high quality reports from researchers, and their combined efforts are contributing to a more secure Chromium browser for millions of users.
Today, we are announcing an experimental new vulnerability reward program that applies to Google web properties. We already enjoy working with an array of researchers to improve Google security, and some individuals who have provided high caliber reports are listed on our credits page. As well as enabling us to thank regular contributors in a new way, we hope our new program will attract new researchers and the types of reports that help make our users safer.-(Google security blog)
Apa yang telah dilakukan oleh Google ini adalah amat bagus dimana sistem keselamatan para penggunanya terjamin dan Google cuba untuk meningkatkan sistem keselamatannya melebihi syarikat yang lain.
![Rompakan Kedua Hong Leong Bank TESCO E-Gate P.Pinang [+Video]](http://selangor2u.com/blog/wp-content/themes/weekly/timthumb.php?src=http://selangor2u.com/blog/wp-content/uploads/2013/03/rompakan-hong-leong-bank.jpg&h=40&w=40&zc=1)
![Punca Jambatan Cyberjaya Runtuh Pada 28 Feb 2013 [Video]](http://selangor2u.com/blog/wp-content/themes/weekly/timthumb.php?src=http://selangor2u.com/blog/wp-content/uploads/2013/03/jambatan-runtuh-cyberjaya.jpg&h=40&w=40&zc=1)
![Jambatan Cyberjaya – Aman Putra Runtuh [5 Foto]](http://selangor2u.com/blog/wp-content/themes/weekly/timthumb.php?src=http://selangor2u.com/blog/wp-content/uploads/2013/02/flyover-runtuh-di-putrajaya-1.jpg&h=40&w=40&zc=1)
![Barcelona 1-3 Real Madrid – Separuh Akhir Piala Raja Sepanyol [Video Highlight]](http://selangor2u.com/blog/wp-content/themes/weekly/timthumb.php?src=http://selangor2u.com/blog/wp-content/uploads/2013/02/ronaldo.jpg&h=40&w=40&zc=1)
![Belon Udara Panas Meletup di Mesir [+Video]](http://selangor2u.com/blog/wp-content/themes/weekly/timthumb.php?src=http://selangor2u.com/blog/wp-content/uploads/2013/02/belon-panas-meletup-di-mesir-2.jpg&h=40&w=40&zc=1)
