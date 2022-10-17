from the I'm-going-to-write-me-a-minivan! dept.
Find a bug in Tinder or Dropbox? You may be able to get paid by Google:
According to HackerOne, Google's new bug bounty program now incentivizes hackers to unearth software vulnerabilities in some of the more popular third-party apps on the Play Store. The new program will presumably result in more secure Android apps while also limiting the damage whenever a serious issue is discovered. While perhaps not a common occurrence, it's not all that unusual to see reports of malware infecting widely downloaded Android apps.
[...] Notably, the new bug bounty program, as it stands now, only applies to Google-developed Android apps and the following third-party apps: Alibaba, Dropbox, Duolingo, Headspace, Line, Mail.Ru, Snapchat, and Tinder. Down the line, though, the program may open up to include additional third-party apps.
(Score: 2) by FatPhil on Sunday October 22, @10:28PM
Rewarding the existence of bugs? That will encourage the creation of more bugs. Never heard of the cobra effect?
(Score: 2) by takyon on Sunday October 22, @10:32PM
Tinder and Dropbox both store loads of embarrassing user data. It would not be worth it for either company or one of their programmers to sneak in a bug.
Come to think of it, Dropbox has a multibillion dollar valuation... maybe they should be paying the bug bounties, not Google.
