Skip to main content

Bug hunters: so you can live by analyzing the code of the big companies

All computer programs and software have failures.The important thing is to detect and correct them in time.No matter how much time has been spent testing with programs or systems, the truth is that, when they go on the market, failures are always reported.The same goes for online applications and services: they have problems that need to be solved, which is why large companies reward bug hunters , which help them correct problems with their systems and applications.


The most juicy rewards are those that can compromise the security of the systems, so they are the ones that attract the attention of a greater number of researchers.Within them there are two types: those that focus on the problem search with a very technical approach, and then there are those who try to think like the bad ones .


The company Bugcrowd has a list with the main companies that offer some kind of reward and the type in question.In this sense, it can be an honorable mention or enter into what they call the "Hall of fame" of the company, loot or reward, which are usually monetary and depend on the amount offered.The truth is that is usually paid based on the importance of the failures found .


The Google hackaton


Google has recently presented a Hackaton for Android , called Project Zero, in which researchers who manage to find vulnerabilities in the company's operating system are eligible for a prize of 200,000 dollars.a prize of 100,000 and 50,000 dollars the second and third.


The objective is to see to what extent an investigator can find vulnerabilities, but also see how bad boys operate when discovering them, what paths they follow, etc.For this, all participants need Deliver a technical document detailing how you found the problem.


Microsoft, its Insiders program and the rewards for Bugs hunters


Bug hunters: so you can live by analyzing the code of the big companies


To debug its updates and new operating systems, Microsoft has a program called Insiders.Those enrolled in it can try the news of the Redmond company in exchange for reporting usage reports, which will serve to detect possible problems before removing it to production.In spite of this great program of betatesters , other problems can occur.I nsiders is focused on finding bugs that affect the operation of systems and programs .


The Windows developer has generously rewarded those who have made some security discovery or contribution. Offers up to 100,000 dollars to those who find security errors that put their software at risk This is the case of James Forshaw, a researcher at the British company Context Information Security, who took the reward for finding an error that skipped some protections included in the previous version of Windows 8.1.


Vasilis Pappas, a student who was a student at Columbia University at the time, took about $ 200,000 to design an innovative security prototype to prevent the exploitation of memory security vulnerabilities in Windows applications.


Facebook also rewards hackers and bug hunters


Bug hunters: so you can live by analyzing the code of the big companies


Facebook has paid more than a million dollars in bug hunter rewards.An example of this is Reginaldo Silva, a systems engineer from Brazil who found one of the worst vulnerabilities within the software from Facebook, achieving a reward of $ 30,000.


This happened as a result of the publication of a letter in the profile of Mark Zuckerberg by an investigator who did not want to pay to find this vulnerability of the service.looking for rewards.On an economic level, the truth is that a million dollars is very little for the image problems that the company may have if the vulnerability is published.


United Airlines pays with airline miles to report bugs


In other cases, companies pay in kind, that is, in what they sell.If United Airlines operates, which rewards with air miles, that is, with free trips, to those investigators who report bugs.The scale ranges from 50,000 miles for a low-level error, going through 250,000 for reporting personal data leaks or the leap of authentication and up to 1,000,000 miles for more serious vulnerabilities.


Apple's policy change in bug hunter rewards


Bug hunters: so you can live by analyzing the code of the big companies


A striking case is that of the Cupertino company, which did not reward the hunters of bugs, but recently this policy has changed offering up to 200,000 dollars for finding security problems in its applications and system This means greater security for users, as vulnerabilities found in both iOS and their desktop system will be adequately rewarded and, more importantly, patched.


The truth is that the work of the security researcher has a lot to do with analytics.The reward is only seen at the time of finding the problem, but the amount of hours behind analyzing code and the behavior of the programs It is immense, and in many cases the access to the source code of the programs is not available for researchers, which also complicates their work.

Comments

Popular posts from this blog

Is it a good idea to share photos of our children on social networks?

VGstockstudio/Shutterstock A few days ago it transpired that Gwyneth Paltrow, who has 5.3 million followers on Instagram, had had a small fight with her daughter, Apple Martin, after the 14-year-old girl called her mother's attention to climb to the social networks a photo in which she left.The important thing, beyond who is right, is that the issue has generated a discussion about where the limits on the information that parents should place they share their children on the networks. Related We often think in a wrong way that young people don't care about their privacy, a belief fueled by advertising campaigns they give because they share their personal life in excess or do not understand what they are exposed to.However, as I have written on some occasion on the subject, parents may have to worry less than they think, given that young people tend to to handle privacy responsibly.or, it should be the parents, and not their children, who were most careful with their o...

Why do young Spaniards want to be (at all costs) "popus" in social networks?

Through mobile, tablet or computer, teenagers are now connected at all times with their friends or strangers thanks to social networks, instant WhatsApp messaging or video platforms such as YouTube. According to data from the consultancy Comunica + por-, 40% of adolescents in this country are connected 24 hours a day, while 5 out of 10 connect until they go to sleep, and only 30% it is less than 3 hours a day.The intensive Internet connection is thus the modus vivendi of young Spaniards. Related In addition, this generation likes to use many media at the same time.While they watch television, listen to music, surf the Internet and connect to their social profiles, they may be doing their homework.social and apps to connect with your friends , like the popular WhatsApp, take your preferences .This is because, in the adolescent stage, people usually build their identity, wondering who they are and how others see them. Be accepted by peers They seek the acceptance of their peers ...

The 10 trends that have changed the way we shop from top to bottom

From the Orange Foundation they show us how the changes in the business fabric of our country are taking place thanks to the Internet and all its «friends»: the multiscreen, the social networks, the mobile, the cloud...If our (bis) grandparents saw us, they would not know how it is possible for us to buy a jacket by squeezing a few buttons.That if, as soon as we explained it, they would hook up without remedy.-The digital transformation of the retail sector shows us the keys to this process.Today we are going to study the ten trends that are being fundamental to change the way we buy.Do you aim? 1.The omnichannel of the retail sector Behind this long word, there is a very simple explanation.Do you want to buy from your PC, or better using the tablet, or maybe from the smartphone...? You can do it from the store's website or through Facebook. A multitude of channels and they all take us to the same port: a satisfactory purchase. 2.Automation, customization and recommendat...

The fourth century of the data guardian: this has changed the AEPD

October 1993.Bill Clinton has recently been elected president in the United States.Checoslovaquia has ceased to exist and the Medellin cartel terrorizes Colombia, while Pablo Escobar counts his last days.In the Spanish covers the future of Europe and democracy.There was talk of reforming the labor market and a new abortion law that would never be approved.Discussions resembled those of today, but a revolution was beginning to cook . Related The Internet was then something unknown to most of the population.In our country, there was a whopping 10,000 machines connected to the network (according to Red Iris data ).There were 10,000 web pages in the world.Mobile phones would be a luxury from the following year (1994); smartphones , still science fiction.Most of the inhabitants of the planet had not yet begun to leave the trail of data that haunts us today.And yet, that October of 1993 was born the Spanish Agency for Data Protection as a premonition of what was to come. everything ...

Tribes: the instant messaging app for musicians and their fans

Tribes, a startup of Spanish origin, has just launched a new free application that unites instant messaging, streaming music and the ability to connect musicians and fans Everyone with similar tastes. The application, which has just presented its mobile version for Android, allows you to create and join groups, called tribes, in which to comment, discover and listen to songs in streaming. Tribes, which has an intuitive interface and Colorist , offers more than 50 million songs to share and the possibility of creating and playing collaborative playlists in each tribe. »Music fans miss a place to interact with others fans and with our favorite bands, something like what was once MySpace, "explains its CEO and founder, Andres Sanchez through a statement." Social networks now play this role, but not They are designed or designed for music lovers.Using new available technologies such as messaging and streaming reinvent the concept and try to make Tribes the place of ref...

How to achieve the perfect selfie on Instagram (word of photographer)

That you raise your hand that has never taken a selfie ...Ok, you may not have finally uploaded it to Instagram because you have not left as favored as you thought, but all, at last and after all, we have succumbed to the temptation to photograph ourselves. If the reason why you have not dared to upload this snapshot to your social network is because you have not obtained the expected result, calm.It is not necessary to be the king or queen of the selfies, but here we are going to Offer a series of tips and tricks to improve your technique .Word of professional photographer. The light, the light... Let's recognize it.It has been difficult to find a photographer who wants to give us these guidelines.Not surprisingly, they usually work doing portraits, and the protagonist of their work is always in front of the camera, not behind. Therefore, Carlos Aires tells us that his main advice now is not to take any selfie ."The saturation is of such a magnitude that it seems ...

I want to be an eSports player, where do I start?

Nowadays, the eSports industry is something unbeatable for a rookie player .How many leagues are there? Where can you start playing professionally? without getting lost between forums and promotions? What requirements are necessary? If you are tempted to be an eSports player, read on. We are going to put a little order on this gigantic ecosystem that attracts more spectators and players every day and in which not only players, but also trainers, physiotherapists, lawyers and analysts of diverse people are involved, so if you want to train part of such a demanding industry, we already let you know: it requires a lot of discipline, commitment, companionship and sense of duty . PLAYING FOR FUN The common situation is usually the following: a player has been soaking up his favorite hobby for some time, consulting forums and improving his system in order to have a team capable of competing: headphones, a good keyboard and mouse, looking the best way to optimize the imput lag of ...

How to create animations online without touching a line of code

Although traditionally the photographic and video edition, the design of logos, the elaboration of posters and other disciplines were relegated to the professionals, the popularization of the Internet and the technological development have resulted in the birth of more tools simple to use that have brought this type of creations to all types of users. Today we will focus on those designed to design animations , something that we usually associate with complicated tasks and programming processes, however, it is possible to give rise to some of the funniest without touching a single line of code or download any software.These are the best online services that will allow us to do so. Make Web Video One of our favorites is Make Web Video, a site that is not only easy to use, but also has a vast and original selection of templates .For example, there are some to create cartoons , to design corporate videos, scrapbooks and others.Also, by passing over them, we can preview them,...

How to put music to a YouTube video without being deleted for infringing copyright

Upload a video to YouTube that contains a song may violate copyright and cause unpleasant consequences, from the removal of the video to, in case of repeated violations, the closing of the channel.However, put music on YouTube without infringing copyright is possible and there are several methods. Related You can take advantage of the functions of the portal that let you know if a song is usable and, in addition, monetize its use.It is also possible to access the archive of free songs made available by YouTube or, alternatively, go to one of the numerous Websites that host melodies with a Creative Commons license. But, we go in order with this little guide . All the options to upload music in a video The famous platform for watching and sharing videos introduced a system to discover how to use a particular song, even if it is covered by copyright. How to do it? Once the web has been logged in through the Google account, you must click on our image (or in the space for...

If you want to get rich on YouTube, you better not talk about politics

There are youtubers gastronomic, fashion, technology, games and almost anything that comes to mind, some of them with masexito and others with less.The illusion of all these new audiovisual communicators is to live from it and become the new Rubius.And it may be that someone achieves this dream... as long as he does not choose national politics as thematic. At least it is what emerges from a study recently published, prepared by teachers Vanessa Rodriguez Breijo, Jorge Gallardo Camacho and Javier Sierra Sanchez, from the universities of La Laguna and Camilo Jose Cela. Enel, concludes that Youtube is a territory that is not very fertile for political debate. selflessness for politics In fact, as highlighted in the conclusions of this investigation, the frequency, number of views and user interaction in the videos selected in the sample revealed that the viewers had less interest in politics that for other themes related mainly to entertainment and it seems, in addition, that ...