After too many practicals, Google has made its mind to hire hackers to stop a criminal or state-sponsored actor is exploiting software bugs to infect your computer, you can say it is something to stop organizations like NSA, GCHQ :)
That is a good news for us, if really it is going to.
The Project named “Project Zero” will work to reduce the number of people affected by targeted attacks and stop bugs like Heartbleed early on.
“You should be able to use the web without fear that a criminal or state-sponsored actor is exploiting software bugs to infect your computer, steal secrets or monitor your communications,” Chris Evans, a member of Google’s security research team, wrote in an official blog post. “Yet in sophisticated attacks, we see the use of ‘zero-day’ vulnerabilities to target, for example, human rights activists or to conduct industrial espionage. This needs to stop. We think more can be done to tackle this problem.”
It is said that Hackers that have been hired for the Project Zero had already found and fixed some bugs in Apple, and the Google Hackers team will find dangerous vulnerabilities, not just on its own products but of other companies too.
“Project Zero is our contribution, to start the ball rolling. Our objective is to significantly reduce the number of people harmed by targeted attacks. We’re hiring the best practically-minded security researchers and contributing 100% of their time toward improving security across the Internet,” blog describes.
Evans also explained how the team will work:
Every Bug that is discovered will be filed in an specific external database and it will be only reported to the software’s vendor- not to the third parties. Once the bug made public by the vendor itself, anyone will be able to monitor how long it will take for the vendor to fix it.
Hackers going to work for Google:
- George Hotz (Hacked Apple iPhone in 2007 and reverse engineered Sony’s PS3)
- Tavis Ormandy
- Ian Beer
- Ben Hawkes
Till now, the above four names we found, who would work for Google ‘Project Zero,’ and Evans is still recruiting and need to have at least 10 full-time hackers to work at Google’s Mountain View HQ.
