In-brief: Fiat Chrysler Automobiles (FCA) has unveiled a public “bounty” program that will pay security researchers up to $1,500 dollars for information on vulnerabilities in software used in conjunction with the company’s vehicles. Don’t get too excited.
In-brief: Following the success of the Hack the Pentagon bug bounty program, officials at the U.S. Department of Health and Human Services are considering launching a similar program aimed at medical devices and other healthcare systems.
In-brief: In this podcast, Paul speaks with Craig Smith of Open Garages on GM’s bounty program, the state of connected vehicle security, and what the auto industry can learn from open source.
In-brief: General Motors (GM) has launched a program to entice white hat hackers and other expert to delve into the inner workings of its software. The reward: so far, a promise not to sue.
Weeks after launching its first, formal bug bounty program, Microsoft is set to issue its first monetary reward, according to a blog post by Katie Moussouris, the Senior Security Strategist at Microsoft’s Security Response Center (MSRC). Writing on Wednesday, Moussouris said that the company has received “over a dozen” submissions since it launched the paid bounty program on June 26, and that “I personally notified the very first bounty recipient via email today that his submission for the Internet Explorer 11 Preview Bug Bounty is confirmed and validated. (Translation: He’s getting paid.)” Last month, Microsoft announced its new policy to pay for information about serious vulnerabilities in its products. The company had long maintained that it provided other kinds of rewards for information on software holes – mostly recognition and jobs – and didn’t need to offer bounties, as firms like Google, The Mozilla Foundation and Facebook do. In launching the new […]
