Uber: Hack us and we’ll give you up to $10,000

Uber: Hack us and we’ll give you up to $10,000

Today, Uber — the site with a bit of an image problem when it comes to security — opened the doors on its bug bounty program and promised payouts of up to $10,000.

The program has very specific examples of what qualifies for a reward, such as cross-site scripting (XSS), SQL injection, server-side remote code execution (RCE) and others. You can find what it it is, and isn’t, looking for here. Or, you can peruse the company’s blog post for information about specific technologies in use across several Uber Web properties, including:

  • https://*.uber.com/
  • https://*.dev.uber.com/
  • http://petition.uber.org
  • http://ubermovement.com
  • iPhone Rider Application
  • iPhone Partner Application
  • Android Rider Application
  • Android Partner Application

If you find a bug, you’ll be paid $3,000 to $10,000 for issues for one of the items on its hit list, or you’ll get a nice firm pat on the back if you find an issue related to fraud, as Uber isn’t currently rewarding those who find fraud issues.

➀ UBER ENGINEERING BUG BOUNTY: THE TREASURE MAP [Uber via HackerOne]

Read next: Rumors of a new MacBook Pro only prove it's time Apple refresh its desktop lineup

Shh. Here's some distraction

Comments