{"id":98898,"date":"2019-11-21T23:22:38","date_gmt":"2019-11-22T07:22:38","guid":{"rendered":"https:\/\/lifeboat.com\/blog\/2019\/11\/google-really-wants-you-to-hack-the-pixels-titan-m-security-chip"},"modified":"2019-11-21T23:22:38","modified_gmt":"2019-11-22T07:22:38","slug":"google-really-wants-you-to-hack-the-pixels-titan-m-security-chip","status":"publish","type":"post","link":"https:\/\/lifeboat.com\/blog\/2019\/11\/google-really-wants-you-to-hack-the-pixels-titan-m-security-chip","title":{"rendered":"Google really wants you to hack the Pixel\u2019s Titan M security chip"},"content":{"rendered":"<p><a class=\"aligncenter blog-photo\" href=\"https:\/\/lifeboat.com\/blog.images\/google-really-wants-you-to-hack-the-pixels-titan-m-security-chip2.jpg\"><\/a><\/p>\n<p>Google has increased the maximum prize for its Android bug bounty program to $1 million for anyone who can compromise the Titan M security chip found in its Pixel phones. The top prize is for a \u201cfull chain remote code execution exploit with persistence\u201d of the dedicated security chip. On top of that, there\u2019s an additional 50 percent bonus if a security researcher is able to find an exploit on specific developer preview versions of Android, resulting in a potential prize of $1.5 million. The new rewards take effect starting today.<\/p>\n<p>Introduced with 2018\u2019s Pixel 3, Google\u2019s Titan M security chip <a href=\"https:\/\/www.wired.com\/story\/google-titan-m-security-chip-pixel-3\/\">cordons off your smartphone\u2019s most sensitive data<\/a> from its main processor to protect against certain attacks. Google says the chip offers \u201con-device protection for login credentials, disk encryption, app data, and the integrity of the operating system.\u201d Since its introduction, the chip has also been integrated with <a href=\"https:\/\/www.theverge.com\/2019\/4\/10\/18295348\/google-android-phone-fido-webauthn-phishing-two-factor-authentication\">Android\u2019s security key functionality<\/a> where it\u2019s used to store a person\u2019s FIDO credentials. Suffice it to say, the integrity of the Titan M is an important element for the security of recent Pixel devices.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Google has increased the maximum prize for its Android bug bounty program to $1 million for anyone who can compromise the Titan M security chip found in its Pixel phones. The top prize is for a \u201cfull chain remote code execution exploit with persistence\u201d of the dedicated security chip. On top of that, there\u2019s an [\u2026]<\/p>\n","protected":false},"author":513,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[34,1625,1512],"tags":[],"class_list":["post-98898","post","type-post","status-publish","format-standard","hentry","category-cybercrime-malcode","category-encryption","category-mobile-phones"],"_links":{"self":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts\/98898","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/users\/513"}],"replies":[{"embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/comments?post=98898"}],"version-history":[{"count":0,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts\/98898\/revisions"}],"wp:attachment":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/media?parent=98898"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/categories?post=98898"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/tags?post=98898"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}