The Internet giant already hands out cash to people who notice bugs in the company's own products. But to encourage sharp-eyed volunteers to help the broader Web community, Google has announced it's going to start rewarding people who actually provide patches to non-Google projects.
"Fixing a problem often requires more effort than finding it," wrote Michal Zalewski, a member of Google's security team, in a blog post Wednesday.
The new program applies to a collection of open-source projects that serve as the Internet's fundamental infrastructure. They include the popular domain name server BIND, the cryptographic library OpenSSL, and the remote login software Open SSH. Google says it expects to expand the program to web and mail servers "in the coming weeks."
Once you've submitted your patch to the project managers and they've incorporated the fix, you can then tell Google about your contribution — at which point Zalewski and seven others will review the code and decide on a reward.
"If we think that the submission has a demonstrable, positive impact on the security of the project," Zalewski adds, "you will qualify for a reward ranging from $500 to $3,133.7."
The Googler somewhat cheekily leaves off the final zero in an apparent nod to leetspeak; turning the numbers into letters spells out "eleet."