Header AD

Google pays Student $10,000 For Reporting Security Flaw


Hackers don't always make money from criminal activities. Big Tech companies like Google and Facebook have bug bounty programs in which security researchers are rewarded for disclosing existing flaws in the system.


Last year, Google released a result which shows that hackers were rewarded $3 million throughout 2016. Recently, a Uruguayan student has been rewarded with $10,000 because he managed to discover a vulnerability in Google.

According to Ezequiel Pereira, he found the vulnerability when he was playing with Google services using a web security testing tool known as Burp Suite.

He was actually playing with Burp Suite to find the vulnerability, after many failed attempts, he discovered that the internal web page of yaqs.googleplex.com didn’t have the username or password check in place.

Googleplex.com hosts several Google App Engine applications.


Ezequiel Pereira wrote
“The website’s homepage redirected me to “/eng”, and that page was pretty interesting, it had many links to different sections about Google services and infrastructure, but before I visited any section, I read something in the footer: “Google Confidential

“At that point I stopped poking at the website and reported the issue right away, without even thinking of a better way to show the vulnerability than with Burp”



He also shared screenshots of the email exchanges with Google’s security team the same day. Google’s security team confirmed that the bug he reported was very effective. Pereira says he was very surprised when he received $10,000 from Google team for his work after a month.

However, Google has resolved the vulnerability and the large reward was because they found a few variants that would have allowed an attacker access sensitive data”
.
.

If you've got a story NaijaTechGuy hasn't covered yet or have a guest post please mail- naijatechguy@technologist.com
You Can Also Visit The Forum or Listen To Podcasts



Google pays Student $10,000 For Reporting Security Flaw Google pays Student $10,000 For Reporting Security Flaw Reviewed by Michael Ajah on Sunday, August 13, 2017 Rating: 5

Post AD