Sunday, July 20, 2014

Project Zero

     Google just announced their new project that will help combat cybercrime.  It is called Project Zero and is comprised of a highly skilled researchers.  The scale of this project is setting the stage for the rest of the cybercommunity.  This of course is no small feat as there is a seemingly endless amount of vulnerabilities and cyberthreats on the Internet.  Instead of waiting for cyberthreats to takeover the Internet, Google is trying to find and stop them before they become massive attacks. 
     
     The goal for Google is to make the Internet safe for everyone to use.  The secondary goal behind Project Zero is to drive best practices and to create a greater awareness of security vulnerabilities.  All software will be scoured by the team for potential threat, not just those that are found within Google's software.  After they discover any threats or vulnerabilities they will notify the vendor and then file a bug report in the public database.  Hopefully this large initiative by Google will cause others to follow their lead and work on seeking out and fixing threats promptly.  Currently there are venders who are aware of security vulnerabilities and do not fix them in a timely manner.  These vendors will often take months or even years to fix the vulnerabilities in their software.  

     The research team is not complete yet, but already contains some very impressive talent.  George Hotz discovered how to crack a locked iPhone in 2007, reversed engineered the PlayStation 3, and exposed the weaknesses in Google Chrome.  Unlike the other companies who ignored him or made a deal for him to never hack their products again, Google paid him $150,000 to help fix the security flaw he uncovered in Google Chrome.  He was then offered a job to join Project Zero.  Chris Evans was also chosen to be a part of the team after his work on the Google Chrome project.  Ben Hawkes has found dozens of software bugs.  Another reputable bug hunter to join the team is Tavis Ormaandy.  He proved that zero day vulnerabilities are possible in antivirus software.  With this type of talent and even more to be added, it appears that Google will be successful in uncovering cyberthreats and help vendors to be more proactive in correcting the threats.


Adhikari, R. (2014, July 15). Google's Project Zero Cybersecurity Watch: No Excuses. Retrieved July 19, 2014, from TechNewsWorld: http://www.technewsworld.com/story/80738.html

Greenberg, A. (2014, July 15). Meet 'Project Zero,' Google's Bug0Hunting Hackers. Retrieved July 19, 2014, from WIRED: http://www.wired.com/2014/07/google-project-zero/
Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)