Printed from http://www.electronista.com

Google fires up 'Project Zero' universal Internet security program

updated 03:38 pm EDT, Tue July 15, 2014

Google not limiting effort to internal apps -- any vendor is fair game

Google has launched a new web-wide security project. Titled "Project Zero", the effort by the search behemoth has the lofty goal to "significantly reduce the number of people harmed by targeted attacks." Google intends to have no bounds for the project, planning on working to "improve the security of any software depended upon by large numbers of people, paying careful attention to the techniques, targets and motivations of attackers."

The effort will be transparent -- every bug that the company discovers will be reported to the software vendor for rectification by the developer, and not made public until the flaw is fixed and patches are widely distributed. Following public notation of the flaw, users will be able to "monitor vendor time-to-fix performance, see any discussion about exploitability, and view historical exploits and crash traces." Adding these metrics will help the public assess which vendors are better at security assessment.

Google researchers are already often credited with finding bugs, for example in Apple or Microsoft security fixes. The blog post trumpeting the program says that the Project Zero team will "use standard approaches such as locating and reporting large numbers of vulnerabilities. In addition, we'll be conducting new research into mitigations, exploitation, program analysis - and anything else that our researchers decide is a worthwhile investment."



By Electronista Staff
Post tools:

TAGS :

toggle

Comments

  1. Makosuke

    Forum Regular

    Joined: 08-06-01

    What's a little sad is that one or more world governments haven't done something similar already. Yes, the internet is self-policing and all, but given the value of cybercrime (both to private and state parties), you'd think at least one government would've seen it worth while to throw a few million defense dollars at a similar program.

    (And yes, the creepy US security agencies claim they report software flaws they find to the vendors so they can fix them before another government takes advantage of them. At this point, how many people really believe that?)

  1. prl99

    Dedicated MacNNer

    Joined: 03-24-09

    Google should start by fixing its own software first then worrying about others.

  1. shawnde

    Fresh-Faced Recruit

    Joined: 04-01-08

    @Makosuke

    Of course the governments are NOT going to go after this .... especially true of the US government, but the rest are not far behind. They LOVE the fact that there are vulnerabilities in all these software programs ... they exploit them to their advantage so that they can spy on you. You'll never see any government step up for security.

Login Here

Not a member of the MacNN forums? Register now for free.

toggle

Network Headlines

toggle

Most Popular

Sponsor

Recent Reviews

Kenu Airframe Plus

Simple, stylish and effective, the Kenu Airframe + portable car mount is the latest addition to Kenu's lineup. Released earlier this y ...

Plantronics Rig Surround 7.1 headset

Trying to capture the true soundscape of video games can be a daunting task. Looking to surround-sound home theater options, users hav ...

Adesso Compagno X Bluetooth keyboard

The shift from typing on physical keyboards to digital versions on smartphones and tablets hasn't been an easy for many consumers. Fro ...

Sponsor

toggle

Most Commented

 
toggle

Popular News