Google to pay Android bug hunters

Expands Patch Reward programme to include mobile operating system

Google has announced that it will begin paying people that point out holes in Android’s security.

The search engine giant has run a bug-bounty programme for a number of years, focusing on Chrome and its Google websites.

It has now expanded the programme to Android. One of the first recipients – who goes by the name of Pinkie Pie – was paid $50,000 by Google for finding a flaw in its smartphone software.

Google has said that Pinkie Pie’s find was a particularly skilled hack and that the vast majority of holes will earn experts a few hundred dollars at a time.

The expansion is part of Google’s recently grown Patch Rewards programme. The company announced the move in a blog post on Monday.

Android wasn’t the only new addition to Google’s Patch Reward programme.

Three widely used web service packages have also been added, namely Apache’s http, Nginx and Lightpd Google security team member Michal Zalewski said in the pst.