[HackerOne] has announced that US Dept of Defense (DoD) has decided to run their biggest bug bounty program ever, Hack the Air force.
You may remember last year there was the Hack the Pentagon bug bounty program, Well this year on the coattails of last year’s success the DoD has decided to run an even bigger program this year: Hack The Air force. Anyone from “The Five Eyes” countries (Australia, Canada, New Zealand, the United Kingdom and of course the United States) can take part. This is a change in format from the Pentagon challenge which was only open to U.S citizens and paid out a total of around $75,000 in bug bounties.
Now obviously there are rules. You can’t just hack The Air Force no matter how much you want “All their base are belong to you”. The DoD want computer hackers to find bugs in their public facing web services and are not so much interested in you penetration testing their weapons systems or any other critical infrastructure. Try that and you may end up with a lovely never-ending tour of Guantanamo Bay Naval Base.
Or join the cheese of the month club, I am sure our tax revenue can buy an IT expert’s time.
https://upload.wikimedia.org/wikipedia/commons/c/c6/Cheese_market_Basel.jpg
Rule number 1 with the Cyber:
Make sure images have no identifying feta data.
what are the cheese references about? I don’t get it. :(
Let’s hack the Vatican and free all those children kept in Pope’s basement.
“The DoD want computer hackers to find bugs in their public facing web services and are not so much interested in you penetration testing their weapons systems or any other critical infrastructure.”
I believe those people are called…spies.
Imagine the poor bastard that actually finds a flaw in one of their “critical infrastructures”.
I guess as long as you tell them it should be fine and you won’t vanish. Right..?
“We have a special prize for you, Sending a drone to drop it off now”
Under the recent law, any attack on a US system can be classified as an act of war.
Given you can be detained and tortured without trial, than the law cam never be tested in a real court.
Do you want some cheese instead?
https://upload.wikimedia.org/wikipedia/commons/thumb/d/dc/Coulommiers_lait_cru.jpg/800px-Coulommiers_lait_cru.jpg
It’ll be okay, Cubans have cheese, I think.
Will I have to sign for whatever it is the drone delivers?
I get that hacks upon “weapons systems or any other critical infrastructure” are bad, but aren’t they the more important vulnerabilities to get found (by white hats) than some public-facing website?
I agree but they want people to find bugs in their recruitment sites etc. They don’t want people poking around under the guise “I was finding bugs”.
Doesn’t have to be “under the guise”, after all even a security system can have a bug…The main question is what would said individual do when he finds a bug.
Pretty sure that intelligence agencies of other states can offer a much bigger bounty for an “interesting” bug :P
Their public websites may very well be the easiest way to access critical infrastructure. I’m sure the USAF is worried about users plugging stuff into their systems that provide a bridge to the “good stuff”.
if their critical infrastructure is in any way connected to their public-facing websites, they’re complete effing idiots. so you’re probably right ;)
Do the gouvernment want to know about bugs in their websites or about people that have certains skills?…. I wouldn’t participate in such things!
Patriot size cheese platters cater to both the ambitious and naive:
https://upload.wikimedia.org/wikipedia/commons/thumb/a/a8/Cheese_platter.jpg/800px-Cheese_platter.jpg
I believe this to be human honeypot trap ,they really after the hackers not to test their system I would not participate .
Don’t taze me bro
All sacred about keeping their own stuff secure… but CBF when someone else’s privacy is invaded regardless of the damage done.
Well done.
Drops ball..
“Its a trap”
Yeah… with the “weird” laws being passed recently with regards to cyber attacks, the definitions of terrorism, and just how many rights you actually have… this seems… unwise to participate in directly.
I am also of the opinion that if this was a real priority, they could hire people from those other agencies whose entire job it is to “hack” people/places/things.
Joshua
Long range wireless link to a 4G modem – vibration sensor triggered looks through telescope oh hello there shady suits, connection severed now hope they don’t do door to door.
Skype has launched its web-based buyer beta for the entire world, following starting it generally inside the United states and U.K.
previous this month. Skype for Internet also now facilitates Linux and Chromebook for
instant online messaging communication (no voice and video but, all those
require a plug-in installment).
The increase of the beta provides support for
a longer listing of languages to aid bolster that overseas functionality