Uber will take another step towards improving the app by inviting hackers to identify bugs in its software. In this perspective, the company will hold a bounty in May for those who manage to find flaws in the system. While smalls bugs will grant a couple of thousand dollars, major security problems can grant hacker as much as $10,000.
The company has set a period of ninety days for hackers to identify various flaws in the system and is offering some very attractive bounties. Apart from the prizes granted upon each finding, hackers who can find more than four bugs will also receive a bonus of 10 percent of the previous bugs’ average. The whole process will work as a loyalty program in order to encourage security researchers to keep searching for bugs.
In more details, Uber will also provide them with a treasure map that is meant to help them navigate the code of the company. The bugs are split into three levels. Medium bugs have the capability of changing the picture of the driver or allowing other to look up the universally unique identifiers of the user, and thus pay $3,000. The significant bugs pay $5,000 since they can expose private information such as names, email addresses, phone numbers, dates of birth and so on. Lastly, critical bugs such as a full takeover of the account or the ones that expose credit card numbers, driver license images, security numbers or bank account numbers, will grant hackers a nice $10,000.
While Uber has stated that the bounty is not organized as a response to an incident of hacking that has occurred lately, the company did record quite a few security breaches recently. For instance, two years ago such a bug managed to reveal private information of more than 50,000 drivers. Uber did not notify the users for five months which led to a fine by the state attorney general of New York, of no less than $20,000.
In 2015, hackers managed to keep their access to compromised accounts, in spite of the fact that the password was changed. The last such event took place this year when thousands of drivers received the tax and social security numbers of another Uber driver from Florida.
The company has also stated that it will make public the best submissions with the permission of the hackers, who usually stay out of the spotlight.
Image Source: Mises Institute
Latest posts by Sean Kavanaugh (see all)
- Hypotheses of Periodic Asteroid Strikes on Earth - Jun 28, 2017
- Scientists Helped Mice Get Pregnant Thanks To 3D Printing - May 19, 2017
- San Francisco Bay Reports High Number Of Dead Leopard Sharks - May 7, 2017