1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • Google is ending its Android app store bug bounty program

    From TechnologyDaily@1337:1/100 to All on Tue Aug 20 12:00:05 2024
    Google is ending its Android app store bug bounty program

    Date:
    Tue, 20 Aug 2024 11:58:49 +0000

    Description:
    Entries for the Google Play Security Reward Program will no longer count
    after August 31 due to increased security.

    FULL STORY ======================================================================

    Google has announced it will be ending its Google Play Security Reward Program, a bug bounty initiative which allowed researchers and developers to identify and resolve vulnerabilities in popular Android apps for nearly seven years.

    Launched in October 2017, the program attracted security researchers to discover and disclose flaws found in apps distributed through the Google Play Store.

    Despite the programs success, Google has decided to wind down the program owing to a decrease in the number of reported actionable vulnerabilities. Google Play Security Reward Program

    Initially, the program focused on a select group of developers and apps, offering rewards of up to $5,000 for the most critical vulnerabilities like remote code execution. Eventually, in 2019, the scope widened to include all apps distributed on the platform with over 100 million downloads, with
    payouts reaching $20,000.

    In an email seen by Android Authority , the Android Security Team wrote: As a result of the overall increase in the Android OS security posture and feature hardening efforts, weve seen fewer actionable vulnerabilities reported by the research community.

    The email goes on to confirm that the program will end on August 31 2024, and reports submitted up until then will be triaged by September 15. Reward decisions will be made by September 30 upon the official discontinuation of the program.

    Moreover, Google blocked 2.28 million privacy-violating apps and banned 333,000 malicious developer accounts last financial year, alongside other
    Play Store improvements.

    However, with the termination of the Google Play Security Reward Program, researchers could be less motivated to report issues, potentially leaving
    some apps more exposed, raising concerns about future vulnerabilities and the platforms security. More from TechRadar Pro Check out our roundup of the best malware removal tools around Google reveals major increase in bug bounty rewards so get hunting Need a more up-to-date handset? Here are the best business smartphones



    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/google-is-ending-its-android-app-store- bug-bounty-program


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)