Kerala

Kerala's 'bug hunter' receives 10,000 dollars for reporting Google glitch

Pratheesh Narayanan has reported 13 bugs so far, and is even on Google’s Bughunter Hall of Fame.

Written by : Cris

This is one of those stories that need to start with a film-like disclaimer - do not try this at home. Not a daredevil stunt, just a phone bug but one that could crash someone else’s phone for good.

The stunt that you should not try is saving someone’s name with hundreds of characters. Saving for instance a name as ‘Sowmyabsafkljdfkjkjfklsjdflkjdfjsklflkjdfkjsdkfjljdfljsdfjsdjfljds…..’. If you had one of the latest Android updates, you could not do this anymore, there is a character limit on the names. But until some time ago, an Android phone had allowed this – there was no limit to the number of characters you could use while saving a name. As it happens, there was also no limit to the number of fields you could save under a person’s contact. They could, for instance have ‘n’ number of phone numbers – those fields you see as ‘Work’, ‘Home’ etc could be added limitlessly.

Problem comes not when you save a contact in this manner. But when you try to send it to someone else. Some poor bloke may ask for a contact number and you send this 2000-character name and numbers to him and voila, his phone crashes.

“Because the Operating System would only have allocated a fixed amount of memory to save a contact and when that’s exceeded, the system cannot handle it,” says Pratheesh Narayanan, a final year B. Tech. student in Ernakulam who has reported this bug to Google and received a reward of 10,000 dollars (Rs 7.6 lakh) this January. The bug -- tracked as CVE-2019-2232 -- has been recently fixed.

Pratheesh has been doing this for two to three years now, he says, reporting bugs to companies like Google and Facebook who would then reward him and fix the errors. He is even on the Google Bughunter hall of fame, and the Facebook hall of fame.

“There are others like me, among students and working professionals, doing this on a freelance basis. I think even after the course is over, I will continue with this freelance work,” Pratheesh says. And why shouldn’t he? The lad has already earned several lakh rupees reporting bugs.

He has reported 13 so far – nine of these were for Facebook’s WhatsApp, three for Google and one for Microsoft’s Github.

The first bug he reported was on WhatsApp, an error that came with those long messages that end with ‘read more’. Another was about a Telugu character which if included in a message could crash the receiver’s phone.

“These are not the bugs that come when you install some unknown software. These are what happen for no fault of yours,” Pratheesh says. He uses trial and error to find out most of these bugs, he says.  

How Modi govt is redirecting investments from other states to Gujarat

Inside Bengaluru’s ‘Kannadiga vs Outsider’ divide

‘Adani hosted, Amit Shah attended’: Sharad Pawar confirms 2019 meeting to discuss alliance

Shivendra Singh interview: How ‘Celluloid Man’ PK Nair led him to work on film heritage

The story behind The Hindu journalist Mahesh Langa’s arrest