$200k Android bug contest

Google has launched a new contest offering $200,000 to whoever can first find and report a remote-code execution bug in Android. Second place will get $100,000, and third at least $50,000.

"The goal of this contest is to find a vulnerability or bug chain that achieves remote code execution on multiple Android devices knowing only the devices’ phone number and email address. Successful submissions will be eligible for the following prizes," explained Google Project Zero whizkid Natalie Silvanovich on Tuesday.

"Our main motivation is to gain information about how these bugs and exploits work. There are often rumours of remote Android exploits, but it’s fairly rare to see one in action. We’re hoping this contest will improve the public body of knowledge on these types of exploits.

"Hopefully this will teach us what components these issues can exist in, how security mitigations are bypassed and other information that could help protect against these types of bugs."

For more details, check out the content rules and FAQ. ®