facebook
twitter
rss
account
search
search
 

Google's Project Zero to search for online bugs and hackers

The team will look to alert third-party software vendors of vulnerabilities in their programs and also share this information publicly once a patch is issued.
By Ananth Baliga   |   July 15, 2014 at 12:02 PM   |   Comments

| License Photo
MOUNTAIN VIEW, Calif., July 15 (UPI) -- Google set up a secret team called Project Zero that will mine the internet for bugs and hackers, in order to identify vulnerabilities like Heartbleed.

The team will attempt to find vulnerabilities that can be used by hackers and state-sponsored actors to cause mischief on the Internet. The team was constituted in response to the Heartbleed bug that infected most websites on the Internet, potentially giving hackers access to sensitive user information.

"You should be able to use the web without fear that a criminal or state-sponsored actor is exploiting software bugs to infect your computer, steal secrets or monitor your communications," Chris Evans, a member of Google's security research team said in a company blog post.

"Yet in sophisticated attacks, we see the use of 'zero-day' vulnerabilities to target, for example, human rights activists or to conduct industrial espionage," he added.

Zero-day refers to attacks on software vulnerabilities that were previously unknown. Heartbleed was one such vulnerability that made users' passwords and online data vulnerable to hackers, sending Web companies scrambling to fix the flaw.

Google will store all its research on external databases and will report bugs only to the software vendor. The information will be accessible publicly once the bug is made public, which is typically when a vendor issues a security patch.

Hewlett Packard's TippingPoint Zero Day Initiative is a similar program that pays third-party researchers to submit bugs in other products. Microsoft also provides software that can detect such vulnerabilities in third-party software but does not pay independent researchers for submitting security reports.

Follow @antbaliga and @UPI on Twitter.
Contact the Author
© 2014 United Press International, Inc. All Rights Reserved. Any reproduction, republication, redistribution and/or modification of any UPI content is expressly prohibited without UPI's prior written consent.
Featured UPI Collection
trending
2014: The Year in Music [PHOTOS]

2014: The Year in Music [PHOTOS]

Most Popular
1
Brazil assessing capabilities of Russian air defense system
2
City of London Police get Kaspersky Lab training
3
U.S. Navy receives first low-rate production RAM Bock 2 missile
4
Iran vetting oil customers
5
Zephyr 7 UAS chalks up new achievement
Trending News
Video
x
Feedback