Thursday December 31, 2015

Tor Project Launches Bug Bounty Program

If you have what it takes, you can make a little money on the side with Tor's bug bounty program. I'm not sure if the payouts will be as big as the ones Google hands out but I wouldn't be surprised if they are in the same ballpark.

Security flaws can not only be exploited by attackers but also sold on for use by governments and intelligence agencies. Exploit broker Zerodium, for example, offers up to $30,000 for previously unreported zero-day vulnerabilities impacting the Tor network. Bug bounties are a means to draft in additional help from security professionals to patch these problems. Offered by companies ranging from Google to Microsoft, bug bounties offer credit and sometimes financial rewards to researchers for reporting problems rather than selling them on in the underground or publishing them publicly before firms have a chance to fix issues.