"Security is a core tenet of Chromium, which is why we hold regular competitions to learn from security researchers. Contests like Pwnium help us make Chromium even more secure," Google said in a blogpost. (Agencies)
This year, Pwnium 4, will be hosted in March at the CanSecWest security conference in Vancouver, Canada.
"With a total of USD 2.71828 million in the pot, we'll issue Pwnium rewards for eligible Chrome OS exploits at USD 110,000 for browser or system-level compromise in guest mode or as a logged-in user, delivered via a web page," it said.
Google will also pay USD 150,000 for providing an exploit to be able to persistently compromise an HP or Acer Chromebook, i.e. hacking the device to retain control even after a reboot.
The earlier editions of Pwnium competitions focussed on Intel-based Chrome OS devices, but this year Google will allow researchers to also choose from ARM-based Chromebook, the HP Chromebook 11 (WiFi) and the Acer C720 Chromebook (2GB WiFi) based on Intel's Haswell microarchitecture.
Last year, Google had put USD 3.14159 million in the pot for Pwnium 3.
Google said it would consider larger bonuses this year to researchers who demonstrated what it called a "particularly impressive or surprising exploit".
"New this year, we will also consider significant bonuses for demonstrating a particularly impressive or surprising exploit. Potential examples include defeating kASLR, exploiting memory corruption in the 64-bit browser process or exploiting the kernel directly from a renderer process," it said.
"Security is a core tenet of Chromium, which is why we hold regular competitions to learn from security researchers. Contests like Pwnium help us make Chromium even more secure," Google said in a blogpost.