Google is bulking up its security team via a new effort, dubbed Project Zero.
"Our objective is to significantly reduce the number of people harmed by targeted attacks," Chris Evans, a Google Researcher Herder, wrote in a blog post. "We're hiring the best practically minded security researchers and contributing 100 percent of their time toward improving security across the Internet."
Google started Project Zero after certain Googlers started spending "some of their time on research that makes the Internet safer, leading to the discovery of bugs like Heartbleed," Evans said. "The success of that part-time research has led us to create a new, well-staffed team called Project Zero."
Ideally, you should be able to use the Web without fear that a scammer is slurping your data or hacking into your personal accounts, Evans said, while human rights activists and major firms should be able to conduct business without fear of cyber attacks.
"We think more can be done to tackle this problem," Evans said, and that includes hiring more security experts to fill out Project Zero.
As for what that entails, Google is open to a variety of approaches. "We're not placing any particular bounds on this project and will work to improve the security of any software depended upon by large numbers of people, paying careful attention to the techniques, targets and motivations of attackers," Evan said.
Project Zero will find and report bugs, details of which will be housed in an external database.
"Once the bug report becomes public (typically once a patch is available), you'll be able to monitor vendor time-to-fix performance, see any discussion about exploitability, and view historical exploits and crash traces," he wrote. "We also commit to sending bug reports to vendors in as close to real-time as possible, and to working with them to get fixes to users in a reasonable time."