Kim Dotcom offers cash for bugs.
The freshly launched Mega cloud storage service is putting its security to the test with cash prizes for hackers who can find bugs in the service. Successful breaches of Mega security could net an enthusiast up to €10,000.
"We have, however, also suffered three direct hits, and we want more! To improve MEGA's security, we are offering rewards to anyone reporting a previously unknown security-relevant bug or design flaw," The Mega site reads.
The following type of bugs qualify for payment...
There is also a "bonus bounty" on offer to earn the maximum reward. Mega challenges you to send them the key that will decrypt this file, as well as one other challenge to send a password encoded in a particular sign-up confirmation link.
More Info: Mega
"We have, however, also suffered three direct hits, and we want more! To improve MEGA's security, we are offering rewards to anyone reporting a previously unknown security-relevant bug or design flaw," The Mega site reads.
The following type of bugs qualify for payment...
- Remote code execution on any of our servers (including SQL injection)
- Remote code execution on any client browser (e.g., through XSS)
- Any issue that breaks our cryptographic security model, allowing unauthorized remote access to or manipulation of keys or data
- Any issue that bypasses access control, allowing unauthorized overwriting/destruction of keys or user data
- Any issue that jeopardizes an account's data in case the associated e-mail address is compromised
There is also a "bonus bounty" on offer to earn the maximum reward. Mega challenges you to send them the key that will decrypt this file, as well as one other challenge to send a password encoded in a particular sign-up confirmation link.
More Info: Mega
