Ally Fashion

Tuesday, July 15, 2014

Announcing Project Zero

 ana05     July 15, 2014     No comments   

Posted by Chris Evans, Researcher Herder

Security is a top priority for Google. We’ve invested a lot in making our products secure, including strong SSL encryption by default for Search, Gmail and Drive, as well as encrypting data moving between our data centers. Beyond securing our own products, interested Googlers also spend some of their time on research that makes the Internet safer, leading to the discovery of bugs like Heartbleed.

The success of that part-time research has led us to create a new, well-staffed team called Project Zero.

You should be able to use the web without fear that a criminal or state-sponsored actor is exploiting software bugs to infect your computer, steal secrets or monitor your communications. Yet in sophisticated attacks, we see the use of “zero-day” vulnerabilities to target, for example, human rights activists or to conduct industrial espionage. This needs to stop. We think more can be done to tackle this problem.

Project Zero is our contribution, to start the ball rolling. Our objective is to significantly reduce the number of people harmed by targeted attacks. We’re hiring the best practically-minded security researchers and contributing 100% of their time toward improving security across the Internet. 

We’re not placing any particular bounds on this project and will work to improve the security of any software depended upon by large numbers of people, paying careful attention to the techniques, targets and motivations of attackers. We’ll use standard approaches such as locating and reporting large numbers of vulnerabilities. In addition, we’ll be conducting new research into mitigations, exploitation, program analysis—and anything else that our researchers decide is a worthwhile investment.

We commit to doing our work transparently. Every bug we discover will be filed in an external database. We will only report bugs to the software’s vendor—and no third parties. Once the bug report becomes public (typically once a patch is available), you’ll be able to monitor vendor time-to-fix performance, see any discussion about exploitability, and view historical exploits and crash traces. We also commit to sending bug reports to vendors in as close to real-time as possible, and to working with them to get fixes to users in a reasonable time.

We’re hiring. We believe that most security researchers do what they do because they love what they do. What we offer that we think is new is a place to do what you love—but in the open and without distraction. We’ll also be looking at ways to involve the wider community, such as extensions of our popular reward initiatives and guest blog posts. As we find things that are particularly interesting, we’ll discuss them on this blog, which we hope you’ll follow.
  • Share This:  
  •  Facebook
  •  Twitter
  •  Google+
  •  Stumble
  •  Digg
Email ThisBlogThis!Share to XShare to Facebook
Newer Post Older Post Home

0 Comments:

Post a Comment



Popular Posts

  • READY FOR FALL! MY RECOMMENDATIONS
    Autumn is around the corner which means darker tones for makeup! In this post I will be sharing my favourite products for lips, cheeks and e...
  • A tan really completes a make-up look
    We have been obsessed with tanning since we were around 13/14 because we live in England and there is barely any sun here and we look so was...
  • Adobe Photoshop 7.0 Full Version Free Download | Adobe Photoshop 7 Final Version Download | Photoshop 7 Professional Version Download 32-Bit and 64-Bit
    Adobe Photoshop 7 Full Version Free Download Original Adobe Photoshop 7.0 +License Key. Adobe Photoshop 7 Professional Version Free Download...
  • Virtually Unlimited Memory: Escaping the Chrome Sandbox
    Posted by Mark Brand, Exploit Technique Archaeologist. Introduction After discovering a collection of possible sandbox escape vulnerabiliti...
  • Did the “Man With No Name” Feel Insecure?
    Posted by James Forshaw, Taker of Names Sometimes when I'm doing security research I'll come across a bug which surprises me. I disc...
  • Driver Pack Solution 2018 Latest Version Download
    Driver Pack Solution 2018 Latest Version Download Driver Pack Solution 2018 Latest Version Download ISO for Windows User 32 bit & 64 bit...
  • [Ezoteryka PL] Węzły księżycowe - The North Node & The South Node
    Jaki jest cel naszego życia? Patrząc na swoja datę urodzin, możesz wyczytać z niej więcej niż znak zodiaku czy numerologie. Jako, iż postano...

Copyright © Ally Fashion | Powered by Blogger
Design by Hardeep Asrani | Blogger Theme by NewBloggerThemes.com | Distributed By Gooyaabi Templates