Programmers, security engineers and anyone with any interest in hacking, Uber is challenging you to find bugs in its systems and earn yourself a pretty penny while you do it.
No, this isn’t a job offer, but rather Uber’s public bug bounty program.
For those that read the above sentence as if it were an alien language, here’s a quick run down: a bug bounty programme is how some big companies keep their security tight and up to date. In return for finding a bug companies often pay the bug-finder, in this instance Uber will pay researchers $10 000 for the nastier bugs that are found.
By asking an outside party to pick at the code of an app or web page a company can get a fresh set of eyes on their security and as a result, keep its customers safe. The practice is especially common in firms such as Google and Facebook.
“Even with a team of highly-qualified and well trained security experts, you need to be constantly on the look-out for ways to improve,” said Joe Sullivan, Chief Security Officer at Uber. “This bug bounty program will help ensure that our code is as secure as possible.”
While the creators of the ride sharing app could just declare open season on a bug finding expedition they have given budding bug finders some help in the form of a treasure map.
The “map” outlines key areas the firm wants researchers/programmers/hackers to look for bugs in, including sub-domain’s such as vault.uber.com where partners input banking details.
The map is incredibly detailed and can provide those interested in bringing the ride sharing app to its knees (legally speaking of course) with a great starting point.
Once a bug is found and reported to Uber, a payment will be made to the researcher/programmer/hacker who found it up to the amount of $10 000 (R152 000) for what Uber refers to as “critical issues”.
Starting 1st May Uber will also start a loyalty reward program season in which researchers/programmers/hackers will be encouraged to find bugs over the course of 90 days, being rewarded once four bugs have been found and for every bug found after that.
For any of our readers that want to take a shot at breaking the firm’s app and services while earning a fair whack of money at the same time be sure to check out the Uber treasure map and a full explaination of what Uber is looking for on Hacker One.[Source – Uber] [Image – CC BY/2.0 siamesepuppy]