Google said that its elite team consisting of hackers and programmers search security deficiencies of its software applications and other companies, Google warning that if its competitors will not eliminate vulnerabilities within 90 days, then they will make public.
Google claims that software vendors must act quickly because cybercriminals act with lightning speed when identifying errors, according to Bloomberg.
Microsoft and Apple declined to comment on this sensitive subject, while other members of the industry say that Google team usurp a recurring role best government authorities.
“I’m not sure who made Google the official referee of the marketplace for vulnerability notification,” said John Dickson, a principal with software security company Denim Group Ltd. in San Antonio. He said pressuring companies to fix flaws is a good idea, but “what noble motives they had in mind could be called into question given the fact that they essentially outed vulnerabilities for two of their biggest rivals.”
“If these companies can’t even get along, that’s just bad for security for the whole ecosystem,” said Jake Kouns, chief information security officer for Risk Based Security Inc. in Richmond, Virginia.
Google founded this team last July and named it “Project Zero” after the much-dreaded “zero day”, security deficiencies may be exploited by malevolent before developers need to know
Update : “We support a variety of efforts, including Project Zero and our Security Reward Programs, to find and fix online threats,” Aaron Stein, spokesman for the Mountain View, California-based Google said in an e-mail.
