Google offers $20,000 bounty to hack Chrome

Google is offering a bounty of $20,000 to the first person who hacks Chrome, effectively inviting hackers to go to town.

The prize is part of the 2011 Pwn2Own contest, which will see hackers from around the world try to find exploits in the leading web browsers.

Prizes of $15,000 are on offer for those who breach the security of Internet Explorer, Firefox and Safari, a $5,000 increase on prizes offered the year prior. A laptop will also be awarded.

Google is offering a larger prize of $20,000 and a CR-48 laptop. It employs a “sandbox” technique for preventing malware from escaping the web browser to infect the computer, which is a much more secure approach than the main rival browsers.

Hackers will only have the launch day of the contest to claim the Google bounty and two exploits need to be found in Google’s code to qualify. They must also be able to escape the sandbox feature, which Google is clearly betting isn’t possible.

$20,000 can still be won if an exploit is found on the second or third day, but only half of this will come from Google, with Pwn2Own sponsor TippingPoint handing over the other $10,000. Requirements for winning on these two days are also less strict, allowing for non-Chrome bugs.

A similar bounty was offered for the last two year’s Pwn2Own contests, but no one managed to break through Chrome’s defences in this period. It remains to be seen what will happen for 2011. 

A $15,000 bounty is also on offer for anyone who hacks the Dell Venue Pro running Windows 7, iPhone 4 running iOS, Blackberry Torch 9800 running Blackberry 6 OS or Nexus S running Android. A copy of the phone and a few other things will also be thrown in as part of the prize.

Contest details are here.