Uber Paying Hackers to Attempt to Breach Its System
Uber has become the most recent company to issue a reward in cash on tips about any bugs that its computer systems might have. On Tuesday, the ride-hailing business said it would be releasing a treasure map of its systems to a select number of hackers.
The bug bounty offered by the company starts on May 1 and will offer security researchers that are independent as much as $10,000 for finding different flaws in its computer security system that could lead to dangerous exposure of personal data about the passengers and the drivers of the company.
Uber is not the first company that has launched such a bounty, and has partnered with HackerOne an independent company, which specializes in the coordinating of bug bounties, but this Uber’s release of the treasure map might mark a new transparency level for the business.
Collin Greene, an Uber security engineering manager said the company was saying that here are the different areas of the website, the app for mobile use and how they function as well as the technologies that are underneath them.
Greene was previously at Facebook overseeing a similar type of program for the social network giant.
Uber’s map provides specific details of the software of the company, points to types of data that could be exposed inadvertently and suggest what flaw types are most apt to be discovered.
Uber previously has guarded all information about its system code. Researchers at Northeastern University recently described its algorithm that makes its surge pricing work as being a “black box.”
However, its new bounty, which is an effort launched previously by large tech companies like Microsoft and Apple, sometimes in contests that were private, also points to Uber’s shift in how the independent security researchers are being perceived.
They are now being considered as possible assets for their skills and knowledge rather than a shadowy agent or possible criminal.