What you need to know
- Google is expanding its Security Reward Program and launching a new Developer Data Protection Reward Program.
- The Security Reward Program now covers all apps on Google Play with 100 million or more installs — even if app developers don't have a bug bounty program set up.
- With the Developer Data Protection Reward Program, Google aims to crack down on data abuse in apps.
The Google Play Store is filled with a seemingly endless number of apps, and in an age where digital security is becoming more and more important, having systems in place to ensure these apps are as stable and secure as can be is critical. On August 29, Google announced a couple of big changes coming to the Play Store to help with this effort.
First thing's first, the existing Google Play Security Reward Program (GPSRP) is getting a considerable revamp. The GPSRP was launched in June 2017 with HackerOne to help identify bugs in apps, and today, it's being expanded to include any apps on the Play Store that have at least 100 million installs — even if the developers of said apps don't have their own bug bounty program established.
We are increasing the scope of GPSRP to include all apps in Google Play with 100 million or more installs. These apps are now eligible for rewards, even if the app developers don't have their own vulnerability disclosure or bug bounty program. In these scenarios, Google helps responsibly disclose identified vulnerabilities to the affected app developer. This opens the door for security researchers to help hundreds of organizations identify and fix vulnerabilities in their apps.
Since it was launched a little over two years ago, the GPSRP has paid out more than $265,000 in bug bounties.
In addition to the GPSRP getting revamped, Google's also launching a new initiative called the "Developer Data Protection Reward Program" (aka DDPRP).
Google's once again working with HackerOne, and with DDPRP, the companies aim to:
Identify and mitigate data abuse issues in Android apps, OAuth projects, and Chrome extensions.
DDPRP will compensate anyone that's able to "provide verifiably and unambiguous evidence of data abuse", with maximum bounties being as high as $50,000.
One of the best Windows laptops is $550 right now — and stock is limited
Buying a laptop isn't an easy decision, but it's one that's slightly easier on weeks like this — on Black Friday. The Dell XPS 13 2-in-1 has been heralded as one of the best laptops on the market by practically every site that ranks these kinds of things, ourselves included, and there's a brand new reason to pick it up. Today only, the XPS 13 2-in-1 with Intel 10th Gen CPUs are up to $...
Why it’s worth spending more on faster SD cards on Black Friday
To make the most of any camera, whether it be the one on your phone or one in a security cam or even a drone, you'll want to buy a fast SD card. Here's why.
Cards against Humanity and Exploding Kittens on sale for Black Friday
Some of the best card games and board games are on sale today for Black Friday. If you don't have them already, you should definitely check out Cards Against Humanity and Exploding Kittens.
Get the most out of these smart devices and services with Google Assistant
The Google Assistant is the most useful smart voice assistant for getting your questions answered and keeping track of your digital life, but it's also great at helping you control your smart home devices and services.