Calling all hackers and security researchers: Google wants to pay you money. Quite a lot, in fact. The top prize for finding a new critical flaw in Android in the new Project Zero Prize competition is a whopping $200,000, with the second prize at $100,000 and $50,000 split among additional entrants. The contest is being run by Project Zero, the company's own internal team of security researchers that documents critical flaws and bugs in wide-reaching software.
But be aware, that prize doesn't go to any old run of the mill vulnerability. In order to be eligible, participants must find "a vulnerability or bug chain that achieves remote code execution on multiple Android devices knowing only the devices’ phone number and email address." That's a tall order, though it says that the researcher only needs to know the phone number and/or email address, not necessarily that they're limited to a dialer or email app as a point of insertion. Note that, because of the limitations in the contest, it's possible that no one will win in the allotted time.
Entrants need to send in their research in the form of an Android issue tracker report, then send in that annotated issue to the Project Zero team for consideration. Once winners are selected they'll be invited to write up their discoveries for the Project Zero blog. The competition is open for the next six months, so you have plenty of time to try to hack into your loved ones' phones.
- Project Zero blog