Uber comes out with $10,000 “bug bounty”
Uber announced late March that they plan on starting a “bounty program for white hat hackers” wherein they recruit autonomous researchers to find vulnerabilities in their ride-hailing application.
The company plans on rewarding up to $10,000 as part of the “bug bounty” – a tactic which tech companies usually offer to white-hat hackers. Uber is offering these hackers a “treasure map” to assist them in looking for the bugs in the program.
According to a report by Motherboard, the ride-hailing service has experienced some security issues the past year. Uber accounts have been known to be selling for as low as 40 cents per account on the black market.
Collin Green, Uber’s security engineering manager, stated, “We’re wrapping up a lot of information and posting that to level the playing field so that it could be as easy for outside researchers to find flaws as us.”
If someone finds at least 5 bugs within 3 months of Uber’s loyalty season, a bonus of 10% will be given to the hacker/researcher – based on the average of the other payouts.
Alex Rice, HackerOne’s Chief technology officer, said “that’s a level of confidence that you have not seen too many closed-source software companies take in the past, and I’m really hopeful that others will follow suit. HackerOne handles Uber’s bounty program.
As a comparison, Google recently raised their own bounty for Chrome to $100,000 – they are known for their ludicrous bug bounty programs.
Comprehensive multi-device protection for you and your family for up to 6 PCs, Macs, Android, and iOS devices. For more info click here.
