In this June 5, 2014 photo, a man walks past a Google sign at the company's headquarters in Mountain View, Calif. Google is buying Skybox Imaging in a deal that could serve as a launching pad for the Internet company to send its own fleet of satellites to take aerial pictures and provide online access to remote areas of the world. (AP Photo/Marcio Jose Sanchez)
In this June 5, 2014 photo, a man walks past a Google sign at the company's headquarters in Mountain View, Calif. Google is buying Skybox Imaging in a deal that could serve as a launching pad for the Internet company to send its own fleet of satellites to take aerial pictures and provide online access to remote areas of the world. (AP Photo/Marcio Jose Sanchez)
In this June 5, 2014 photo, a man walks past a Google sign at the company’s headquarters in Mountain View, Calif. (AP Photo/Marcio Jose Sanchez)

(Bloomberg) – Google Inc. has given fellow tech companies an ultimatum: patch your software vulnerabilities within 90 days or we’ll make them public.

An elite team of Google hackers and programmers scrub their own and competitors’ software for security flaws, giving companies a deadline to issue a fix. Google says it wants software makers to move fast because cybercriminals act with lightning speed when they spot bugs.

It’s a sensitive topic — rivals Microsoft Corp. and Apple Inc. declined to talk about the tactic — though others in the industry say the help isn’t always welcome, usurps a role best left to government and can jeopardize security.

“I’m not sure who made Google the official referee of the marketplace for vulnerability notification,” said John Dickson, a principal with software security company Denim Group Ltd. in San Antonio. He said pressuring companies to fix flaws is a good idea, but “what noble motives they had in mind could be called into question given the fact that they essentially outed vulnerabilities for two of their biggest rivals.”

READ MORE

Leave a comment

Your email address will not be published.