The new program applies to a collection of open-source projects that serve as the Internet's fundamental infrastructure. They include the popular domain name server BIND, the cryptographic library OpenSSL, and the remote login software Open SSH. Google says it expects to expand the program to web and mail servers "in the coming weeks."
Once you've submitted your patch to the project managers and they've incorporated the fix, you can then tell Google about your contribution — at which point Zalewski and seven others will review the code and decide on a reward.
"If we think that the submission has a demonstrable, positive impact on the security of the project," Zalewski adds, "you will qualify for a reward ranging from $500 to $3,133.7."
The Googler somewhat cheekily leaves off the final zero in an apparent nod to leetspeak; turning the numbers into letters spells out "eleet."