Google will pay you to find security flaws in Android

Attention hackers: Google is offering you an entirely legal way to make £25,600-per-bug from your advanced security skills.

Attention everyone else: now is the time to learn how to program.

Android Security Rewards is the name of a new research programme launched by Google in a bid to make its Android operating system and flagship devices - currently the Nexus 6 and Nexus 9 - the safest available.

Should you be able to find a security vulnerability in Google's build, the tech giant will pay you - giving extra rewards for identifying the bug, testing it and providing patches to fix it. Eligible bugs include those in AOSP code, OEM code (libraries and drivers), the kernel, and the TrustZone OS and modules.

Google's incentive to break its own systems isn't new: the Patch Rewards programme has been running since 2013, offering similar financial rewards to anyone who can demonstrate flaws in the security of Google Chrome and its web applications, while the Security Rewards programme paid researchers over $1.5 million to researchers in 2014.

"As we have often said, open security research is a key strength of the Android platform," declares a statement on the launch page of the Android programme. "The more security research that's focused on Android, the stronger it will become."

You can get more information on what Google want you to break (and then fix) over here.

Good luck.