Summary
-
Major tech giants like Google pay researchers for finding vulnerabilities in their products.
-
Google is shutting down the Google Play Security Reward Program on August 31, 2024.
-
It will review all submitted reports before the program ends, though payouts can take a few weeks.
It’s not like the malicious actors have stopped looking… If they are finding fewer vulnerabilities, it sounds to me they should be paying more.
Translation: we really need more money to pay a bonus of some hundreds of millions to the CEO
Short sightedness strikes again
Google is shutting down the program due to its improved security measures
In its email, Google states that it is closing down the program because of the “overall increase in the Android OS security posture and feature hardening efforts.” This has led to researchers submitting fewer vulnerabilities than before.
In its last annual report, Google claims to have stopped 2.28 million privacy-violating apps and banned 333,000 malicious developer accounts. Last year, it also announced major improvements to Google Play Protect, including real-time scanning for Android malware. More recently, it bolstered the Play Integrity API with in-app signals to prevent fraudulent activities.
These improvements are evidently working and have led to fewer vulnerabilities being discovered in Android apps and the ecosystem.
We stopped actually looking and the numbers went down so problem solved right? Very smart google, very smart.
Google has defeated all possible vulnerabilities! Huzzah!