NOTE: Be sure to click here to see all recent TravelSkills posts about: Delta’s first class sale + Aircraft size and flight delays + First class summer fare sales+ Chris’s summer travel outlook + United’s plans for LAX overhaul + Hertz’s fleet renewal
Last month, United Airlines banned security researcher Chris Roberts from flying on the carrier after he discussed and tweeted about security vulnerabilities he had discovered through in-flight entertainment system hardware under the aircraft seat.
But now United wants to reward computer geeks who can help it find any kind of vulnerabilities in its systems.
Specifically, United said it wants to hear from any MileagePlus member who can identify “a potential bug that affects our websites, apps and/or online portals,” and it is offering miles as a reward. United has created a new web page to describe the program.
The company said the bounty will be paid only to the first person who uncovers any specific bug. The types of bugs United is looking for include authentication bypass; bugs on it apps or customer websites; cross-site scripting (XSS) or request forgery; remote code execution, and so on.
The company doesn’t want bug-hunters to inject code into live systems or otherwise disrupt them, poke into other people’s MileagePlus accounts, test for bugs on aircraft systems like in-flight entertainment or Wi-Fi, or conduct scans of its servers.
How much can you earn? Low-severity bugs like cross-site scripting get 50,000 miles; authentication bypass bugs and a few other categories are worth 250,000 miles; and remote code execution brings in a cool million.
NOTE: Be sure to click here to see all recent TravelSkills posts about: Delta’s future + Aircraft size and flight delays + First class summer fare sales+ Chris’s summer travel outlook + United’s plans for LAX overhaul + Hertz’s fleet renewal