Uber dares hackers to find flaws, offers up to $10K bounty

On-demand car service Uber is offering from $3,000 to $10,000 to hackers who can find flaws in its computer and communications systems.

HackerOne, a company that connects white-hat hackers to companies who want to use them to test the security of systems, is running Uber’s “bounty program.”

The amount of the reward is based on the severity of the flaw discovered by a hackers, i.e., security researchers.

HackerOne has established three categories of rewards; $10,000 for a “critical flaw,” $5,000 for a “significant flaw” and $3,000 for “medium issues.”

“Chaining of bugs is not frowned upon in any way, we love to see clever exploit chains!” Uber stated in its online challenge. “If you get access to an Uber server, please report it us and we will reward you with an appropriate bounty taking into full consideration the severity of what could be done. Chaining a CSRF vulnerability with a self-XSS? Nice! Using AWS access key to dump user info? Not cool.”

To read this article in full or to leave a comment, please click here

Read more: Uber dares hackers to find flaws, offers up to $10K bounty

Story added 23. March 2016, content source with full text you can find at link above.