Researcher blows $15K by reporting bug to Google
reported that a security researcher lost a sure $15,000 at the Pwn2Own hacking contest in March because he had earlier reported the bug to Google, which has patched the vulnerability in its Android Market. "I missed out money wise," said Jon Oberheide, co-founder and CTO of Duo Security, a developer of two-factor authentication software. "But it was good that Google is rewarding researchers. And now I have my first Android vulnerability that qualified for a bounty." Google, which pays bounties for bugs reported in its software, cut a check to Oberheide for $1,337.