Google Offers Cash For Rooting Out YouTube Security Flaws

Google has expanded its existing bug 'bounty hunter' programme to include YouTube and Blogger.

Under a scheme launched in January, hackers were offered cash rewards for finding bugs in Google's Chromium open-source project. That incentive scheme is now being widened to include the company's web sites Google.com, Youtube.com, blogger.com and Orkut.com.

The company said in a blog post that the basic reward for finding a vulnerability will be $500, but that hackers could stand to earn as much as $3,133 if the reported bug is "severe or unusually clever".

“It's difficult to provide a definitive list of vulnerabilities that will be rewarded," Google's Security Team explained, but added that "any serious bug which directly affects the confidentiality or integrity of user data" might be included in the scope of the scheme.

Google has instructed participants to search for flaws using their own accounts and not to access the data of other users.

The company also warned hackers of the importance of responsible disclosure of any bugs found on its channels.