It looks like Google is taking a new approach in order to make internet safer. Project Zero is an initiative that is heading in the right direction. To begin with, Google is recruiting elite security specialists and hackers in order to find various bugs, vulnerabilities, exploits and software flaws all over the web. According to one sources (eWeek.com), this initiative has already helped Apple to fix a couple of vulnerabilities in OS X 10.9.4 and iOS 7.1.2 Apple Mac updates. This initiative began to take its shape right after notoriously known HeartBleed Bug. Approximately, about 2/3 of websites had this vulnerability; therefore, security experts and major companies are taking online security-related issues and various vulnerabilities very seriously. If HeartBleed Bug was not noticed for quite some time, what more major bugs could there be? So, it looks like this initiative is dedicated in order to prevent another HeartBleed or a similar bug in the future.
“Security is a top priority for Google. We’ve invested a lot in making our products secure, including strong SSL encryption by default for Search, Gmail and Drive, as well as encrypting data moving between o ur data centers. Beyond securing our own products, interested Googlers also spend some of their time on research that makes the Internet safer, leading to the discovery of bugs like Heartbleed. The success of that part-time research has led us to create a new, well-staffed team called Project Zero. You should be able to use the web without fear that a criminal or state-sponsored actor is exploiting software bugs to infect your computer, steal secrets or monitor your communications. Yet in sophisticated attacks, we see the use of “zero-day” vulnerabilities to target, for example, human rights activists or to conduct industrial espionage. This needs to stop. We think more can be done to tackle this problem.” said Google’s Chris Evans (Information Security Engineer and Tech Lead at Google).
What is more interesting, Google is hiring one of the world’s most famous hacker: George Hotz (people from the internet also know him as ‘Geohot’). Hotz is well-known all over the internet for breaking AT&T lock on the iPhone and hacking Sony Playstation 3 in order to play pirated video games. Moreover, earlier this year, Hotz has won Google’s hacking challenge and a $150,000 reward for spotting vulnerabilities in Google Chrome operating system. Right after that, Evans has contacted Hotz and offered him to join Project Zero team.
It seems that this initiative could be beneficial for both sides; end-consumer and commercial sector. Project Zero bug-hunting team should include ten of the best security researchers (or hackers) that will scan the entire internet and look for various flaws. At the moment, Google’s Chris Evans is saying that they are still looking for recruits to complete the team. This team should report about various bugs and vulnerabilities directly to software vendors. Right after the bug is noticed, the issue becomes public in order to inform users and how (or when) these issues will be fixed.