Google announced this week plans to increase the amount of money it will give away at its next Pwnium competition, which is being held at the Hack in the Box conference in Kuala Lumpur, Malaysia.
Called Pwnium 2, the competition is run by the search engine outfit to find flaws in Google's software. The competition will be held in early October.
The company has a payout pool of $2 million to give away, including $60,000 for researchers who find a "full Chrome exploit," which involves an attack that uses only vulnerabilities in the Chrome browser. The company also is giving away $50,000 for a "partial Chrome exploit," which entails the use of bugs in third-party software.
"Exploits should be demonstrated against the latest stable version of Chrome," Google software engineer Chris Evans said blog post.
"Chrome and the underlying operating system and drivers will be fully patched and running on an Acer Aspire V5-571-6869 laptop (which we'll be giving away to the best entry.) Exploits should be served from a password-authenticated and HTTPS Google property, such as App Engine. The bugs used must be novel i.e. not known to us or fixed on trunk. Please document the exploit."
Google had held the competition earlier in the year at the CanSecWest conference in Vancouver. The firm then offered $1 million in prizes to researchers that found flaws in its products. Evans said that this earlier competition had "exceeded our expectations".
"Most importantly, we were able to make Chromium significantly stronger based on what we learned," he said.
In an earlier blog post Evans said that the company was increasing the payout as it had noticed a decrease in the number of submissions to the bounty program as bugs were becoming "harder to find, as the efforts of the wider community have made Chromium significantly stronger."
