Stopping the black-hat hackers of the world is a tough proposition, but that’s Google’s newest aim. Project Zero, which was announced this morning by Google Security Engineer Chris Evans, aims to stop zero-day exploits by creating an open source platform. This new project also has no bounds, and won’t be limited to Google products.
Zero day exploits can be used for all manner of things, but are often used to simply digitally attack those who may be trying to do something positive in this world. Evans says the hacks often affect human rights advocates, but are also used for gaining personal information or monitoring our activity.
Google will create a public database of zero-day bugs, which will first be reported to the software provider. The goal is to report the exploits in real-time, so a patch or service suspension can be realized ahead of a massive data breach ala Target. Once a patch is in place, Google will report the bug using responsible disclosure techniques.
"Project Zero is our contribution, to start the ball rolling. Our objective is to significantly reduce the number of people harmed by targeted attacks," Evans said. "We're hiring the best practically minded security researchers and contributing 100 percent of their time toward improving security across the Internet.”