So found Ralf-Philipp Weinmann, a research associate at the University of Luxembourg's Interdisciplinary Centre for Security, Reliability and Trust, when he reported three Chrome vulnerabilities to Google's "bug bounty" program.
Gregg Keizer of Computer World, who noticed the record $31,336 payout on Google's blog, notes that " All three of the vulnerabilities were labeled 'High,' the second-most-serious ranking in Chrome's four-step scoring system."
He also notes that there are usually two responses from IT professionals who find exploits: contact the company and possibly get a reward — or go public with the vulnerability.
Those who go public say they do so to make these companies more honest and more motivated to find the exploits on their own.
Yet publicizing these exploits can lead to stiff penalties: Andrew 'Weev' Auernheimer is currently serving a two-year sentence for turning over the details of an AT&T exploit to a Gawker reporter.
More From Business Insider
- This Is What A Google Self-Driving Car 'Sees' At A Stoplight
- Samsung Is Working On Google's Next Flagship Tablet
- Google Program Manager Dates Beautiful Actress Girlfriend, Sofia Bush
- Technology & Electronics