Uber offers bounty to hackers finding bugs in its system
Xinhua, March 23, 2016 Adjust font size:
Uber, the car hailing service, is offering a reward of up to 10,000 U.S. dollars to hackers who are able to spot possible bugs in its computer system.
The San Francisco-based technology company said it launched a private, beta bug bounty program last year for more than 200 security researchers, who in turn found nearly 100 bugs.
As the bugs were fixed, helping Uber to improve security, the company decided to kick off the "official bug bounty program," or loyalty reward program, to encourage members of the security community to dig deep.
The 10,000 dollars payout will be for somebody finding "critical issues."
On its website, Uber said it has created a "treasure map guide" and will regularly update it to show security researchers how to find the different classes of bugs across the system's codebase.
The first reward program season will begin on May 1 and will last for 90 days. Bounty hunters will be eligible for the program once they have found four issues that have been accepted by Uber as genuine bugs, said the company.
It promised to "publicly disclose and highlight the highest-quality submissions with the permission of the researcher, so everyone can see the best examples of the kinds of issues that get rewarded."
"We believe that bug bounty programs are an important part of the modern software development lifecycle," said John Flynn, Uber's chief information security officer, adding that it will "incentivize our community to find even the most subtle bugs as we work together to protect users." Endit