A Kerala College Student is Making Lakhs By Finding Bugs in Google and Facebook

A Kerala College Student is Making Lakhs By Finding Bugs in Google and Facebook

If you grew up in the 90’s, the first generation to actually start using computers, you’d be familiar with glitches.

Whether it happened on original browswer, Internet Explorer, or one of the various games you played on CDs, glitches were common. They even happened on Microsoft Word. (Remember ‘The Quick Brown fox… ?)

Over the years, however, glitches slowly started disappearing. Your experience has become faster, smoother.

But some still do exist – and a Kerala man has been cashing in on spotting and reporting the bugs,

Pratheesh Narayanan, a final year B. Tech. student at Sree Narayana Gurukulam College of Engineering, in Ernakulam recently reported a bug to Google, which won him a bounty of 10,000 dollars (Rs 7.6 lakh). The bug, tracked CVE-2019-2232, has been recently fixed.

The bug, Narayanan explains in a post on his LinkedIn, “would have allowed a remote attacker to perform Permanent Denial of Service attacks on Android Devices.”

In simpler terms, what this bug does is crash someone elses phone, when you send them a contact card. The contact card, isn’t a regular one. It’s when you randomly key-smash a series of characters, for example “dbjaduhhudsahdshjdsayugdasgusadbhjdshbasdgttsdgsdbhjdsnjdsjndsjdsjjdsnjdsmjds” into a name, and add multiple number of fields (‘Home’, ‘Work’) to it. Because a phone couldn’t recognize n-character name when you send him the contact card, their phone ends up crashing.

“Because the Operating System would only have allocated a fixed amount of memory to save a contact and when that’s exceeded, the system cannot handle it,” says Pratheesh Narayanan, tells The News Minute in an interview.

This isn’t the first glitch he’s noticed. Narayanan, has been doing this for two to three years now. He reports bugs to companies like Google and Facebook, who then reward him and fix the errors. So far, he has reported 13 – nine for Facebook’s WhatsApp, three for Google, and one for Microsoft’s Github.

He’s earned several lakh rupees this way, and doesn’t plan on stopping soon. “There are others like me, among students and working professionals, doing this on a freelance basis. I think even after the course is over, I will continue with this freelance work,” he told The News Minute.

While these bugs aren’t as visible to the rest of us, how Narayanan spots them is through trial and error.

Leave a Reply

Your email address will not be published. Required fields are marked *