Project Zero: When 17-year-old George Hotz became the first hacker in the world to break AT & T's iPhone lock in 2007, companies ignored him and tried to fix the bugs he had discovered. When he later broke the Playstation 3, Sony sued him and only accepted a settlement when Hotz agreed never to break another Sony product.
Then Hotz disassembled the defenses of the Google Chrome operating system. His company paid 150.000 dollars as a fee. Two months later, Chris Evans, a Google security technician, sent him an e-mail: Did Mr Hotz want to join an elite full-time hacker team that will chase vulnerabilities in every popular product of the company?
So Google is publicly unveiling the team (via Wired), known as Project Zero, a group of top security researchers whose sole mission is to find and fix the most insidious security holes. These secret hackable bugs, known in the security industry as "zero-days" are exploited by criminals, or state-sponsored hackers and intelligence services. By assigning this project to researchers, Google hopes to create a serious security infrastructure in its products.
Chris Evans
Google's security researcher Chris Evans is in charge of hiring top talent to run Project Zero.
“Οι άνθρωποι αξίζουν να χρησιμοποιούν το Internet without the fear that a vulnerability could destroy their privacy," says Evans. He is a British-born security researcher who led the former Chrome security team before taking the helm of Project Zero.
Στο Project Zero έχει ήδη προσλάβει μια ομάδας hackers υψηλού προφίλ που εργαζόταν για την Google: Ο Νεοζηλανδός Ben Hawkes έχει ανακαλύψει δεκάδες σφάλματα σε λογισμικό όπως το Adobe Flash και Microsoft Office μόνο το 2013. Ο Tavis Ormandy, ένας Άγγλος ερευνητής ο οποίος έχει τη φήμη σαν ένας από τους πιο παραγωγικούς κυνηγούς bug στον κλάδο, ανήκει και αυτός στην dream team. Ο Αμερικάνος hacker George Hotz, ο οποίος έσπασε το Chrome OS της Google και κέρδισε στον διαγωνισμό hacking Pwnium last March, he will also be a boarder of the team. Swiss Brit Ian Beer has been on Google's secretive security team for the past few months, ever since he discovered six bugs in Apple's iOS, OSX and Safari.
Evans says the team is not complete even hiring continues. Its aim is to have more than ten full time researchers in its management shortly. Most will work at a desk in Mountain View, using hunting bugs, but also with the hacker's pure intuition.
Evans insists Project Zero is "mostly altruistic." But he has an enticing level of freedom to work on difficult security issues with minimal restrictions. He can also use the recruitment that will bring top talent to Google, where they can later join other teams. And as with all Google other projects, the company claims that this benefit will be received by the end user of the internet. After all, safe and happy end users get more clicks on Google ads.
