PROJECT ZERO: THE INTERNETS LAST HOPE!
PROJECT ZERO
GOOGLE HAS PUBLICLY REVEALED A NEW INITIATIVE CALLED “PROJECT ZERO”, A TEAM OF ELITE HACKERS AND BUG HUNTERS WHOSE SOLE MISSION, TO FIND AND ELIMINATE THE MOST SEVERE SECURITY FLAWS AROUND THE WORLD.
"You should be able to use the web without fear that a criminal or state-sponsored actor is exploiting software bugs to infect your computer, steal secrets or monitor your communications. Yet in sophisticated attacks, we see the use of "zero-day" vulnerabilities to target, for example, human rights activists or to conduct industrial espionage. This needs to stop. We think more can be done to tackle this problem."
GOOGLE CURRENT RECRUITS:
- Ben Hawkes - an independent researcher from New Zealand
- George Hotz - best known for hacking Sony PlayStation 3, cracking iPhone and Google's Chrome browser.
- Tavis Ormandy - working as an Information Security Engineer at Google
"Project Zero is our contribution, to start the ball rolling. Our objective is to significantly reduce the number of people harmed by targeted attacks. We're hiring the best practically-minded security researchers and contributing 100% of their time toward improving security across the Internet."
PROJECT ZERO STRATEGY:
- Hunt for zero-day vulnerabilities in popular software
- Report flaws to vendors
- Release full vulnerability disclosures after venders implement patches
- Bug filing within a transparent external database
"We're not placing any particular bounds on this project and will work to improve the security of any software depended upon by large numbers of people, paying careful attention to the techniques, targets and motivations of attackers. We'll use standard approaches such as locating and reporting large numbers of vulnerabilities. In addition, we'll be conducting new research into mitigations, exploitation, program analysis—and anything else that our researchers decide is a worthwhile investment."
