Google’s dream team of hackers

By Toby Manhire In Technology, The Internaut

Print Share

googlelostIf you want to keep a building secure, it pays to employ people who know how to pick locks.

That is the principle behind Google’s “Project Zero”, described by Andy Greenberg of Wired as “an elite team of full-time hackers paid to hunt security vulnerabilities in every popular piece of software that touches the internet”.

For a long time Google and other internet companies have offered “bug bounties” to “white hat hackers”, as they’re sometime called, who identify vulnerabilities in their code.

The difference with Project Zero – named because they are focused on “zero-day” flaks, “the most insidious security flaws in the world’s software – is that they’re integral to the Google operation, and they’re tasked with probing any software, not just Google’s.

When they identify a bug “they say they’ll alert the company responsible for a fix and give it between 60 and 90 days to issue a patch before publicly revealing the flaw on the Google Project Zero blog”.

The “dream team”, which includes the New Zealander Ben Hawkes, apparently a graduate of Victoria University, “credited with discovering dozens of bugs in software like Adobe Flash and Microsoft Office apps in 2013 alone”, isn’t simply bothered with small-time cyber-crooks.

It represent an acceleration of Google’s “counter-surveillance measures” following revelations from whistleblower Edward Snowden’s that showed the extent to which the NSA and other agencies were able to snoop by exploiting zero-day vulnerabilities.

One of Project Zero’s principal objectives, says Greenberg, is to “starve spies of the bugs their intrusions require.”

 

See also: Goldmine or gutter? The debate over online comments

Ten of the best opening lines in news reports

Ten of the funniest newspaper corrections

Super news for the super-rich

Follow the Listener on Twitter or Facebook.

More by Toby Manhire

Post a Comment

You must be to post a comment.

Switch to our mobile site