News
Google Creates Anti-Hacker Team (CDSA)
Story Highlights
By Garrett Randall
Beating cyber security threats requires people who know how cyber criminals work.
That appears to be the thrust behind Google’s “Project Zero,” a new, full-time team of experts dedicated to fighting hackers and consumer cyber threats.
“Our objective is to significantly reduce the number of people harmed by targeted attacks,” Google security engineer and project lead Chris Evans wrote in a blog post. “We’re hiring the best practically-minded security researchers and contributing 100% of their time toward improving security across the Internet.”
The 10-member Zero team will build on Google’s previous work in SSL encryption for its own products, as well as research into Internet bugs like Heartbleed, Evans said. The Google team will “work to improve the security of any software depended upon by large numbers of people, paying careful attention to the techniques, targets and motivations of attackers.”
“In addition, we’ll be conducting new research into mitigations, exploitation, program analysis — and anything else that our researchers decide is a worthwhile investment,” he added.
Google’s Zero team will operate transparently, with every bug discovered filed in an open database, and bugs will be reported directly to software vendors, Evans promised.
“We’ll also be looking at ways to involve the wider community, such as extensions of our popular reward initiatives and guest blog posts,” he added. “As we find things that are particularly interesting, we’ll discuss them on our blog, which we hope you’ll follow.”
According to Wired, one of Google’s first team members is famed hacker George Hotz, the first person to crack AT&T’s lock on the iPhone; managed to reverse engineer the PlayStation 3; and tore down the security defenses of Google’s own Chrome OS.
