Google wants to eliminate security holes in Android, as its Patch Reward program now includes AOSP

Google wants to eliminate security holes in Android, as its Patch Reward program now includes AOSP
Financial incentives for third-party contributors are not uncommon, especially when big companies like Google administer tens of open-sourced projects all at once. It's easy to think that since Google is so big, it can easily handle all of this internally, but the very value proposition of open-source is that outside help can be employed, often at a fraction of the cost.

This is why the Google Patch Reward program was launched just a month and a half ago or so. Its goal was quite simple – help the maintainers of a given project patch a security vulnerability and get financially reimbursed for your efforts. Until today, however, the Android Open Source Project (AOSP) wasn't a part of the program, which was just a shame, seeing as its popularity has sky-rocketed to a point of near ubiquity. As you gleaned from the title, that's about to change, as Google has finally added AOSP, along with a bunch of other projects into the mix, and is now offering financial incentives in the $500 to $3,133.7 range (good one). If your submission is particularly creative, Google may agree to pay out even a bigger sum, one that has no set range.

In any case, it's nice to see Android (at least the open parts of it) become part of such incentive programs, so here goes our props to Google for not settling and keeping the effort up.

Source: Google 1, 2

FEATURED VIDEO

16 Comments

1. spectrums

Posts: 127; Member since: Nov 14, 2013

yeah, this is good for android security :)

6. itsdeepak4u2000

Posts: 3718; Member since: Nov 03, 2012

Your English is improving. :)

10. SuperAndroidEvo

Posts: 4888; Member since: Apr 15, 2011

See this is why I am a Google supporter. I have never been around a company who is about the end user like Google is. Sure they may sometimes spy on you & sure they are looking at almost everything, but they are upfront & NEVER misleading. I think Google gets in trouble because they don't realize how efficient they are in the collection of data & it DEFINITELY bites them in the a$$ from time to time. Google takes care of it's supporters & it's now looking at the root community who make AOSP what it is today & help Google keep pushing the limits of what is possible in the mobile world. Google is probably the ONLY company who could take on "Skynet", if it would ever come down to that. lol +1

2. LiyanaBG

Posts: 381; Member since: Nov 07, 2013

Nice google, good to see you are never lazy and on top of things.

3. _Bone_

Posts: 2155; Member since: Oct 29, 2012

$3,133.7 range (good one) ?

4. kdealltheway

Posts: 94; Member since: Oct 21, 2012

Eleet

5. itsdeepak4u2000

Posts: 3718; Member since: Nov 03, 2012

Superb...

7. JakeLee

Posts: 1021; Member since: Nov 02, 2013

Only USD3133 at max??? They must be kidding

13. cezarepc

Posts: 718; Member since: Nov 23, 2012

I believe previously nobody was getting paid. People were just contributing for the love of developing. Good that they'll be getting something now, though I doubt that's why these people will continue to help. The spirit of open-source is never about money.

8. GadgetsMcGoo

Posts: 168; Member since: Mar 15, 2013

Why don't they just get people who know security in the first place and design android with security in mind to begin with instead of mea culpa and asking random people out there for help.

11. jroc74

Posts: 6023; Member since: Dec 30, 2010

You do realize MS, Apple and others do something similar with the Black Hat conventions. No OS is perfect, they all have holes, its just up to ppl to find them and document it....or not document it and do bad things with it. Your posts over the past few weeks are borderline laughable.

9. Gemmol

Posts: 793; Member since: Nov 09, 2011

I am glad google admitting the faults, like this and how they want to get rid of the lag. If you were to ask a Droid fan they would say there is no lag, but google would say they is, makes me wonder if droid fans are in denial......Apple and Windows are buttery smooth.....but heres the article where google talk about it, so you do not think I am trolling since it comes from the mouth of Google.......http://www.extremetech.com/computing/162667-google-slips-trim-support-into-android-4-3-to-end-io-laghttp://www.phonearena.com/news/Google-buys-the-company-behind-DroidBooster-to-speed-up-Android-cross-fingers-for-KitKat_id48565

12. jroc74

Posts: 6023; Member since: Dec 30, 2010

First link.....do you realize what I/O is? That is good or bad based on the phone manufacture right now. Motorola always had high I/O benchmarks, HTC and Samsung, hit or miss. "TRIM support became common in desktop operating systems shortly after SSDs gained traction. Microsoft began supporting TRIM at the OS level with Windows 7 in 2009, whereas Apple didn’t implement TRIM until 2011 with Mac OS X 10.6.8. It was added to the desktop Linux kernel in 2008." Reading the links you post would help.... 2nd link....hey....thats the job of any company....to make their products better. Please read up more on Droid Booster: http://www.youtube.com/watch?v=tEAz9fRoDmA Towards the end of the video....."low end at the speed of high end"....is the first bullet point. Doesnt that sound eerily like what Project Butter and Kit Kat is supposed to do?

14. Gemmol

Posts: 793; Member since: Nov 09, 2011

so defensive, but I appreciate your response. for your second link response look at the date of the article then you would realize it is in kit kat, I did not say it wasn't, each article is old, if they were posted today I would of sent those instead. I have not try out the new nexus but if kit kat really work then thats good, I use android well I use a note to be specific. The way you write you make it seem like I came out and started coming at google, all I said its nice of them to come out and state the problems because any droid owner would tell lies, this all I wrote.....but still I appreciate everything you wrote

15. jroc74

Posts: 6023; Member since: Dec 30, 2010

Hey, sorry. Its hard to tell the troll posts vs legitimate critiques.

16. Gemmol

Posts: 793; Member since: Nov 09, 2011

its okay, do not worry about it, I like how google is targeting everything and trying to get better, I can see them being a tough company to take down in the future, unless some new gimmick comes along the way

Latest Stories

This copy is for your personal, non-commercial use only. You can order presentation-ready copies for distribution to your colleagues, clients or customers at https://www.parsintl.com/phonearena or use the Reprints & Permissions tool that appears at the bottom of each web page. Visit https://www.parsintl.com/ for samples and additional information.