Google wants to ensure Internet safety with Project Zero

No software or service is perfect and there are always loophole and exploits that hackers can take advantage of. This is why it is important that developers take note of reports of such loopholes and close them ASAP, but now instead of relying on security companies or individuals to send in reports, Google has decided to take it upon themselves to do so. Dubbed Project Zero, this is a new project by Google that aims that ensuring the entire internet is safe from potential attacks, like the recent Heartbleed security bug that had everyone in a panic. According to Google, “You should be able to use the web without fear that a criminal or state-sponsored actor is exploiting software bugs to infect your computer, steal secrets or monitor your communications.”

When 17-year-old George Hotz became the world’s first hacker to crack AT&T’s lock on the iPhone in 2007, the companies officially ignored him while scrambling to fix the bugs his work exposed. When he later reverse engineered the Playstation 3, Sony sued him and settled only after he agreed to never hack another Sony product. When Hotz dismantled the defenses of Google’s Chrome operating system earlier this year, by contrast, the company paid him a $150,000 reward for helping fix the flaws he’d uncovered. Two months later Chris Evans, a Google security engineer, followed up by email with an offer: How would Hotz like to join an elite team of full-time hackers paid to hunt security vulnerabilities in every popular piece of software that touches the internet? Today Google plans to publicly reveal that team, known as Project Zero, a group of top Google security researchers with the sole mission of tracking down and neutering the most insidious security flaws in the world’s software. Those secret hackable bugs, known in the security industry as “zero-day” vulnerabilities, are exploited by criminals, state-sponsored hackers and intelligence agencies in their spying operations. By tasking its researchers to drag them into the light, Google hopes to get those spy-friendly flaws fixed. And Project Zero’s hackers won’t be exposing bugs only in Google’s products. They’ll be given free rein to attack any software whose zero-days can be dug up and demonstrated with the aim of pressuring other companies to better protect Google’s users.