- Google expands its VRP with a new AI -centered program
- Payments could reach up to $ 30,000 for pending reports
- Content -based problems such as hallucinations are not covered by VRP
Google has announced a new AI (VRP) vulnerability reward program for researchers focused on finding security problems and errors in their AI tools.
The news occurs two years after Google extended its abuse VRP, which security engineering managers Jason Parsons and Zak Bennett described as “great success for Google’s collaboration with AI researchers.”
Since he created the program, Google has granted errors hunters to more than $ 430,000 in rewards only for AI products, highlighting the size of the opportunity that is advanced and the importance of eliminating errors in an increasingly connected and fed world.
Google AI VRP
Parsons and Bennett admitted “the scope of AI rewards was not always clear” and that “there was confusion about how [Google] drive[s] ABUSE problems related to AI “, hence the update.
The AI VRP consists of eight separate categories: S1 and S2, and A1 to A6. The most serious, S1, is described as “attacks that modify the state of the victim’s account or data with a clear security impact.” Other vulnerabilities include exfiltration of data, denial of service and rapid injections.
Errors hunters can win up to $ 20,000 with the AI VRP, with bonds for the quality of the report and the novelty potentially collecting payments of up to $ 30,000. Bad products offer the highest rewards and include Google Search, Gemini Apps and Google Workspace.
Products such as AI Studio, Jules and non -basic Google work space applications fall on a lower level.
Security engineering managers also used the publication to highlight the distinction between security/abuse errors and content -related problems (such as hallucinations and copyright problems), and the latter is not covered by the VRP.
“Please continue to inform the content -based problems, including Jailbreaks and alignment problems, but report through the comments of the products, and not through the VRP,” says Google.
Keep PakGazette on Google News and Add us as a preferred source To get our news, reviews and opinion of experts in their feeds. Be sure to click on the Force button!
And of course you can also Keep PakGazette in Tiktok For news, reviews, video deciphes and get regular updates from us in WhatsApp also.
You may also like
