ETHERLive
ETHERLive delivers real-time price and volume data across 16+ exchanges to users in a clear and easy-to-understand package. Users can get up-to-the-second updates for each exchange/currency pair, as well as aggregated market averages for each exchange, currency, and the market as a whole. It also provides a global converted average of all the currency pairs monitored by ETHNews, converted to USD.

---

24hr ---
--%
Wednesday Sep 19th 2018
RESOURCES

The Basics

Learn the basics of Ethereum and various cryptocurrency technologies

Learn More

What is Ethereum?

Understand the underlying principles of the Ethereum Platform

Learn More

The Blockchain

Discover the revolutionizing technology known as the blockchain

Learn More
SUBMIT

Press Release

Submit a press release for consideration on ETHNews

Submit Press

Story / Dapp

Submit a story or DAPP to be considered for publication on ETHNews.

Submit Story

Explanation

Submit "Ethereum Explainer" content for consideration to be featured on ETHNews

Submit Topic
ETHNews Logo
---
--%
Home
News
Etherlive
Ether Price Analysis
Resources
Contact Us

What’s In A Bug Bounty?

By

Daniel

Putney

WriterETHNews.com

Bug bounty programs are used across the tech sphere, including within the blockchain space, to improve the security of applications and web assets. ETHNews briefly explains what they are and why they’re important.

Keep your friends close but your enemies closer.

Following this vein of thought, tech companies and cybersecurity professionals are teaming up with hackers through bug bounty programs. Simply put, a bug bounty is a reward that an organization provides to independent, ethical hackers (called bounty hunters) for reporting vulnerabilities in its systems.

According to cybersecurity and bug bounty company HackerOne's 2017 Hacker-Powered Security Report, "Top companies are rewarding hackers up to $900,000 a year in bounties, and bounty rewards on average have increased 16 percent for critical issues since 2015." Big names like General Motors, Starbucks, Nintendo, and even the US Department of Defense have all relied upon hackers' expertise to improve their technology.

For example, financial services company Robinhood boasts a bug bounty program whereby hunters can earn up to $50,000 for their reports (the lowest bounty offered is $100). Although the company has had the program under its belt for some time, the team updated it just today:

"In the past, we weren't always clear about the types of reports we were looking for, or how we'd reward researchers for filing those reports – so we're launching a new program with bounty ranges for specific types of vulnerabilities (or 'bugs'). We want to make Robinhood a tantalizing target for researchers and it's important that, as a researcher, you know your time won't be wasted finding potential bugs in our software."

This sentiment applies to blockchain projects as well. Blockchain-based platforms are just as susceptible to security vulnerabilities as traditional applications and web assets. With the race to develop a viable product, sometimes security issues are overlooked or inadvertently introduced into systems.

Block.one, the team behind the EOS network, for instance, recently rewarded Dutch hacker Guido Vranken with $120,000 as part of its bounty program for his discovery of several vulnerabilities within the network. The EOS crew took its appreciation for Vranken's work a step further by apparently offering him a position with the organization.

CEO of HackerOne, Mårten Mickos, argues for the importance of bug bounties. "Our goal must be an internet that enables privacy and protects consumers," said Mickos, according to reporting from eSecurity Planet. "This is not achievable without ethical hackers taking an active role in safeguarding our collective security."

From a much broader perspective, the incentivization represented by bug bounty programs aligns with much of the libertarian ethos surrounding blockchain technology. If individuals are compensated for their hard work and effort, then, according to this mindset, we will theoretically have the best products and technologies. Bug bounties make sense in the cryptospace – although Medium may disagree.



Daniel Putney

Daniel Putney is a full-time writer for ETHNews. He received his bachelor's degree in English writing from the University of Nevada, Reno, where he also studied journalism and queer theory. In his free time, he writes poetry, plays the piano, and fangirls over fictional characters. He lives with his partner, three dogs, and two cats in the middle of nowhere, Nevada.

ETHNews is committed to its Editorial Policy

Like what you read? Follow us on Twitter @ETHNews_ to receive the latest Bug bounty, Robinhood or other Ethereum technology news.