We’ve just sneaked into June and that means the latest Android security patches are rolling out to select devices. Google has announced the handsets up and running with the most recent security software in a blog post, along with an update on the status of its Android Security Rewards Program.
Since the program’s launch a couple of years ago, Google says it has shelled our more than $1.5 million dollars to researchers who’ve found holes in its security system. Last year, it paid 115 individuals an average of $2,150 per reward and $10,209 per researcher for finding vulnerabilities.
Meanwhile, Google revealed that it has increased the incentive for those trying to crack its top-tier security breach after receiving zero successful attempts. Hackers who manage to achieve a “complete remote exploit chain leading to TrustZone or Verified Boot compromise” will now be awarded $200,000, up from the previous $50,000. It has also upped the reward for a remote kernel exploit from $30,000 to $150,000. Not bad.
Here’s the list of models that Google says has “a majority of deployed devices running a security update from the last two months”:
- BlackBerry: Priv
- Fujitsu: F-01J
- General Mobile: GM5 Plus d, GM5 Plus, General Mobile 4G Dual, General Mobile 4G
- Gionee: A1
- Google: Pixel XL, Pixel, Nexus 6P, Nexus 6, Nexus 5X, Nexus 9
- LG: LG G6, V20, Stylo 2 V, GPAD 7.0 LTE
- Motorola: Moto Z, Moto Z Droid
- Oppo: CPH1613, CPH1605
- Samsung: Galaxy S8 Plus, Galaxy S8, Galaxy S7, Galaxy S7 Edge, Galaxy S7 Active, Galaxy S6 Active, Galaxy S5 Dual SIM, Galaxy C9 Pro, Galaxy C7, Galaxy J7, Galaxy On7 Pro, Galaxy J2, Galaxy A8, Galaxy Tab S2 9.7
- Sharp: Android One S1, 507SH
- Sony: Xperia XA1, Xperia X
- Vivo: Vivo 1609, Vivo 1601, Vivo Y55
It seems that Google’s incentive scheme for hackers is paying off with comparatively few security problems making their way to Android’s 2 billion devices. It would have been nice to see a few more models on the above list, though — something from HTC or Huawei in particular.
If you want to get involved in the hunt for Android vulnerabilities, check out the Program Rules at the link.