Articles about Bug Bounty

It's not unknown for technology companies to run bounty programs that reward bug hunters for unearthing problems with software. Discover a security vulnerability and you could be in line for a nice cash bonus. Microsoft is one firm that runs such a program, and today the Microsoft Bounty Program is being expanded -- with a particular focus on Azure and Project Spartan.

Microsoft has already been asking for feedback about Windows 10 Technical Preview, but this is the first time a financial reward has been offered for pointing out security issues with any of its components. The maximum pay-out has been increased to $15,000 USD, so there's more incentive than ever to seek out problems and report them to Microsoft.

Continue reading →

There are award shows for everything nowadays, celebrating actors, athletes and more. However, computer nerds do not get the credit they deserve; we should get an award show too, right? Hell, they should give out trophies for fixing family members' computers. I have spent hours at my Uncle Roy's smelly house removing malware, only to leave with not so much as a thank you.

Don't worry though, Google cares about your nerdy endeavors -- if it helps the Chrome browser, that is. You see, the search giant is increasing the maximum bounty for finding bugs in the browser to $15,000. While money is awesome, the recognition may be equally cool, as your name may be added to the Google Hall of Fame!

Continue reading →

Yahoo is vastly increasing the bounty bug-hunters can hope to grab if they report a security issue to the company. The internet giant came in for criticism last month after a group of researchers discovered a scripting vulnerability and were rewarded with a Yahoo voucher for $12.50 -- which could only be used to purchase Yahoo merchandise. The company now sees the error of its ways and is increasing the rewards it offers, potentially up to $15,000.

Bugs and security issues are to be expected with all software -- it's an unfortunate reality that problems can and do arise. It is difficult for any developer to test every possible usage scenario, so it is often the users who discover problems with apps and online services. It is not uncommon for big-name companies to offer some form of compensation for helping out. Yahoo has already demonstrated its enthusiasm for improving security with its two-factor authentication features second sign-in and App Password.

Continue reading →

The Mozilla Foundation has awarded $2,500 USD in "bug bounties" to a German man who tracked down five separate security flaws in the Mozilla browser's code. The bounty program is an effort to make open source software more safe and secure.

Since the program's inception in 2004, five individuals have received compensation. Michael Krax, the latest recipient, uncovered bugs in Mozilla's chrome privileges. Funding is provided by Linspire and Mark Shuttleworth.

Continue reading →