Want to make a stack of cash? All you have to do is come up with a "truly novel exploitation technique" for the upcoming Windows 8.1 Preview. Microsoft has launched a security bounty program that will reward hackers with up to $100,000 for finding security-related flaws in its next operating system. Qualifying submissions with accompanying "defensive ideas" will also be eligible for a BlueHat Bonus worth up to $50,000.
Those bounties will be ongoing, and they're scheduled to launch on June 26 along with the Windows 8.1 beta. There will be a separate bounty for critical vulnerabilities found in Internet Explorer 11, as well. That one is limited to the preview OS, and it's worth up to $11,000. Also, it expires July 26. Interested parties should check this post on the TechNet Security Research & Defense blog for more details on the program.
According to the official BlueHat Blog, Microsoft expects its bugs-for-bucks approach to evolve moving forward. This isn't just a one-off thing for Windows 8.1.
With deep pockets, Microsoft can certainly afford to sustain a generous bounty program. It's not the only big name willing to pay for exploits, either. Google, Mozilla, and Facebook all have bounty programs of their own. Heck, even the craft nerds over at Etsy will shell out $500 or more for legit vulnerabilities.
|1. GKey13 - $650||2. JohnC - $600||3. davidbowser - $501|
|4. cmpxchg - $500||5. DeadOfKnight - $400||6. danny e. - $375|
|7. the - $360||8. rbattle - $350||9. codinghorror - $326|
|10. Ryu Connor - $325|
|The TR Podcast 158: Planet of the Shield Tablets||0|
|Friday night topic: your top movies?||184|
|Deal of the week: Corsair's 750D case and four fans for $100||20|
|Android on x86: A quick look at Asus' Memo Pad ME176C tablet||46|
|Triple-wide radiator defines Thermaltake's new water cooler||52|
|Report: Google proceeds with $1 billion Twitch.tv buyout||35|
|New Asus 802.11ac router can top 1.7Gbps||71|
|The new new name for the UI is called Retro.||+40|