The Internet is a dangerous place. There are all kinds of malware that could infect your devices and steal your data and information.
Project Zero Google aims to make the Internet safer for users to have fewer worries about bad guys of cyberspace. What exactly is Project Zero, and it really help
Project Zero :? The idea behind this
In mid-July, Chris Evans of Google said on the blog of the security of the company, "You should be able to use the Web without fear that a criminal actor or sponsored by the state operates the software bugs to infect your computer, steal secrets or monitor your communications. Yet in sophisticated attacks we see the use of vulnerabilities "zero-day" Project ... Zero is our contribution, to start the ball rolling. our goal is to significantly reduce the number of persons injured by targeted attacks. "
zero-day bugs are a big problem, because the heartbleed fiasco bug shows . Zero-day does not mean that a software defect is new; it means that the programmer did not have many days to solve the problem and no patch is available.
The goal of Google? To ensure that there are zero-attacks well, next to zero-zero-day.
Beyond Google
The announcement of Project Zero summoned some applause from the crowd understand Internet security. The project is not just about Google; it is about the Internet as a whole, the Project Zero team will not limit hunting for bugs Google products. It will in all software that many people use.
This is not the first time Google has stood as a champion for safer cyberspace. They already use SSL encryption to their applications such as Search and Google Drive, and they played a role in exposing the tyrannical heartbleed bug.
eyes on transparency
Project Zero provides clean windows between the team and the software providers. When Google finds a vulnerability, they will report to the software vendor, but not to others. the bug information will stay away from the public eye until a patch is available (in most cases). As the company says on its security blog, "We are also committed to sending bug reports to suppliers in the nearest real-time as possible, and work with them to get patches to users within a reasonable time . "
This focus on openness is in line with the past activities of Google. Earlier this year, the famous hacker George Hotz attended the defenses of Google Chrome. Instead of trying to sweep under the carpet Hotz, Google gave him a pat on the back in the form of $ 150,000 and later a job. This contrasts with other companies whose products met the genius of Hotz; Sony sued, and AT & T ignored.
Project Zero Will Prompt companies to act?
Given that Google will share information about the bugs only with software vendors, it begs the question, if the public doesn 't know about it, will companies want to devote resources to the resolution of problem?
Google took this potential problem into account when developing the plan for Project Zero. They will give a 60-0 business days to come up with a patch and make it available to customers before Google exposes the bug on his own initiative. In other cases, when they find that the bug is an active threat to Internet users, Google will push ahead with a business solution much faster. Chris Evans, quoted on wired.com, said: "It is unacceptable to put people at risk by taking too long or not fixing bugs indefinitely"
The team Project Zero
So who are those wielding the sword on the project Zero? Google team continues to hire, but they have some geniuses on board. George Hotz, mentioned above, is one of the stand-out project members . Working with him are Ben Hawkes, who has uncovered several bugs in major software programs; Tavis Ormandy, who recently made a noise showing how flaws in antivirus software are a major threat, and Ian Beer, who found bugs in some of the most popular Apple products.
the team will soon complete and more than 10 members working feverishly in Mountain View headquarters of Google to expose the zero-day vulnerabilities.
Will Project Zero Really make the Internet safer?
All of the above could make a dream seem Project Zero initiative. He has lofty goals, a lot of power to think and the support of one of the largest companies in the world. However, it is not exactly a knight in shining armor diving to save the day.
Google takes on two government spies and criminals, people who know how to fly under the radar. As the blog points out Techworld, "Google has the right to take on this agreement, but to make it more interesting idea, he needs others, including Microsoft to make something similar. Only one company, even as large as Google, will never be enough to make a dent in a problem that covers everything from heartbleed to defects in every day. "
Without stronger regulatory measures, a totally secure Internet is out of the question for now, despite the efforts of well-meaning companies such as Google. However, their efforts can prevent some bloodshed and creating less collateral damage on the battlefield.
0 Komentar