This is a continuation of a closed forum.
http://blogoscoped.com/forum/175254.html

----
As a result of the responses to Google's recent bounty program for security bugs, they have posted a more detailed list of exclusions.

http://www.google.com/corporate/rewardprogram.html

http://googleonlinesecurity.blogspot.com/2010/11/quick-update-on-our-vulnerability.html

Paul roberts has some coverage at threatpost.
"Google: No Cash for Trash Vulnerabilities": http://threatpost.com/en_us/blogs/google-no-cash-trash-vulnerabilities-111210