Google granted $ 36,000 to a teenager for finding a security breach

in #busy6 years ago

Ezequiel Pereira was one month shy of his 17th birthday when he was paid for exposing a Google security flaw through his bug rewards program.


Source

Pereira obtained his first computer when he was 10 years old, took an initial programming class when he was 11 years old and then spent years teaching different languages ​​and coding techniques. In 2016, Google took it to its headquarters in California after winning a coding contest.

Their sporadic riges have finally paid off: Google has just awarded USD 36,337 to the Uruguayan teenager for finding a vulnerability that would have allowed him to make changes in the company's internal systems.

"I found something almost immediately worth $ 500 and I thought it was incredible," Pereira told CNBC. "So I decided to keep trying."

Although Pereira found the error earlier this year, he only obtained permission to write about how he discovered it this week, after Google confirmed that it had solved the problem.

It marks the fifth accepted error of Pereira, but it is by far the most lucrative.

"It feels really good, I'm glad I found something that was so important," he said.

In February, Pereira began studying computer engineering in his hometown, Montevideo. When you finish your homework and do not feel like going out with friends or watching videos, you will take out your computer and start hunting.

Save your earnings

He found his second biggest mistake last July, which was worth 10,000 USD, because he was bored during the school holidays. Pereira used a large part of that money to apply for scholarships at universities in the United States.

When none of the 20 or more schools approached to accept it, he decided to start school at home.

For now, he has no big plans for his last earnings other than the occasional outing with friends and helping his mother pay the bills.

It is also saving for future education. Pereira said he hopes to eventually get his master's degree in computer security. Until then, you will continue to look for errors in your free time.

At this point, Pereira has only presented vulnerabilities through the Google rewards system, although most of the major technology companies have their own programs. Companies say that if they encourage security researchers to test their systems for money, they are more likely to avoid bad actors.

Google determines the payment on whether it could give someone direct access to the servers of the world's most famous search engine or a client, and how potentially serious an exploit might be. 2.9 million dollars were awarded to 274 different researchers last year, with a maximum prize of USD 112,500.

Now that Pereira is ranked 12th in the Google Hall of Fame, he has received an avalanche of emails from people who congratulate him, ask for advice or offer him jobs.

It makes a point to respond to each email and will refer people to different online computer security resources.

None of his close friends has presented an error of his own, although he tries to encourage them to try it.

"They're interested, but they do not think they know enough," he said. "But I always tell them to just try! Anyone can learn these things. "

Source: CNBC