Latest in Airlines

Image credit:

Find a security flaw and United Airlines will pay you in... miles

44 Shares
Share
Tweet
Share
Save

Sponsored Links

In the world of digital security, bug hunting is the practice of finding holes in a corporation's security and selling it back so the problem can be quietly fixed. Companies such as Microsoft know that it's far cheaper to pay researchers up to $100,000 up-front, rather than facing a massive public security breach shortly afterward. United Airlines has just started one of its own bug hunting programs, but the airline treats security experts much like it does its disgruntled passengers. Rather than just pay fees out in cold, hard, useful cash, the Joffrey Baratheon of airlines has decided to offer united air miles as a bounty.

The announcement comes just a few weeks after both the FBI and TSA asked airlines to start looking for theoretical hacks to their in-flight WiFi. It was prompted after security researcher Chris Roberts joked on Twitter that, on a United flight to Syracuse, he was able to access the airplane's oxygen mask controls. Naturally, he was met by FBI agents as soon as the plane touched down, and was promptly banned from flying with the airline.

As Wired points out, United have clearly missed the point with its bug hunting program, since it discourages people from looking for in-flight vulnerabilities. The rules also seem to discourage people from looking for issues that could hijack a plane, something that Hugo Teso claimed he could do at least two years ago. Instead, hackers are asked to poke holes in United's terrestrial operations, including its online authentication, mobile apps and remote code executions.

If, however, you're able to find and prove a remote code execution, you could receive a maximum payout of one million miles for your trouble. Although, knowing United as we do, there'll probably be some subclause that means you can only use your reward every third Sunday, and then only on the now-axed Newark to Columbia route.

Via: Wired
Source: United
All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.
Comment
Comments
Share
44 Shares
Share
Tweet
Share
Save

Popular on Engadget

Drako's GTE electric supercar will be a four-motor, 1,200HP monster

Drako's GTE electric supercar will be a four-motor, 1,200HP monster

View
Nintendo says there is no Switch exchange program

Nintendo says there is no Switch exchange program

View
IKEA creates a business unit devoted to smart home tech

IKEA creates a business unit devoted to smart home tech

View
US will reportedly give Huawei another temporary reprieve

US will reportedly give Huawei another temporary reprieve

View
The next Apple Watch may come in titanium and ceramic models

The next Apple Watch may come in titanium and ceramic models

View

From around the web

Page 1Page 1ear iconeye iconFill 23text filevr