Google is asking the open source community to help with security. While we’re used to seeing the search Giant pay for exploits, we haven’t seen them ask for help in securing the platform yet. Chrome exploits are pretty commonly reported on, but Android? Not so much.
As part of their Patch Reward program, launched last month, Google will now run the familiar payout system for those Developers or hackers who can properly identify, exploit, then fix a security issue in Android. Fixing a known issue isn’t the scope, here; Google wants us to see it through.
It’s pretty simple, too. By submitting the code to fix an issue, interested parties can then notify Google of their work. Google will want to know what the patch fixes,, what it does, and why it’s needed. From there, they’ll decide if it’s necessary. If it is, payouts range from $500 to just over $3,000.
Specifically to mobile, Google is adding the Android Open Source Project (AOSP) to the list. The patches must be submitted to those who maintain he projects first, then reported. Google asks that you follow a chain of command for submissions, and not go rogue.
It’s another sign that Google takes Android security seriously, even though threats are few and far between. It’s also a good indication that Google continues to embrace the open source nature of Android, even as we move into KitKat and Google Now. If you’re interested in participating, check out the FAQ page for the Patch Reward Program.
VIA: Android Authority