Google shared on Friday its annual report on its Security Vulnerability Reward Program, where it pays out bounties to experts and enthusiasts who find flaws in its software. All told, Google says, the program paid out $3.4 million (R46.4 million) to 317 participants in 2018.
However, the report singles out one particular story: That of researcher Dzmitry Lukyanenka, who became a full-time bug bounty hunter after losing his job.
Google told Business Insider that it awarded multiple bounties to Lukyanenka this year, most of which totalled $1,337 (R18,252) - a stylized way of writing "leet," as in "elite," in a joke that programmers have been making since the '80s. Even today, it's not uncommon for a programmer or gamer to joke that they are a "1337 h4x0r," which is to say, an "elite hacker," or that someone else is a "n00b," or "newbie."
Google also told us that throughout the years, the prolific Lukyanenka has been paid a $1,337 (R18,252) bounty a dozen times, or $16,044 (R218,888) - an amount that has become known internally at Google as "1dmitry," after the researcher's first name. Separately, Google also paid Lukyanenka $1,337 (R18,252) several other times in the form of grants, unrelated to finding specific security vulnerabilities, to support his work, while also doubling down on the joke.
This isn't the first time that Google's bug bounty program has made a joke out of its payout structure. In its 2015 bug bounty report, the company said it paid out $6,006.13 (R81,941) - or, Google spelled-out numerically - to the researcher who managed to buy the "Google.com" domain for one minute. After that researcher revealed his intentions to donate the windfall to charity, Google doubled the amount.
However, the math jokes go well beyond this program. That same year, Google's parent company Alphabet bought back $5,099,019,513.59 (R69,576,121,262.94) worth of stock - or, the square root of 26, the number of letters in the alphabet, times a billion.
This year's bug bounty payouts were bigger than those in 2017, when Google paid $2.9 million (R39.5 billion) to 274 researchers. The company said that half of the bounties in 2018 went towards vulnerabilities found in its Android and Chrome platforms.
Also from Business Insider South Africa: