You don’t need a mysterious persona or a stolen spaceship to be the next Boba Fett (or at least, the programmer equivalent). Bug bounties are quickly becoming a popular way for large companies to discover issues in their software that may be a threat to user security. Big names like Google, Microsoft, Yahoo, and Facebook already participate in bug bounty programs, and Twitter recently announced that they, too, will begin paying programmers who find bugs in their software. With a little time and dedication, independent security researchers can earn a minimum fee of $140 USD for each bug found on behalf of the popular social network.
Of course, bug bounties would not exist were it not for equally dedicated hackers. The iCloud celebrity phone hack over the weekend is only one example of many recent security leaks. Two weeks ago, the PlayStation network was down after hackers targeted Sony, and yesterday, federal officials announced that a security breach was detected on the HealthCare.gov website in July. Target is still feeling financial repercussions after the retailer’s credit card entry system was breached by thieves last year, and just two days ago, a similar breach was suspected of occurring at home improvement chain Home Depot. While these issues remain in varying stages of resolution, it is possible that a bug researcher could have prevented them from happening at all.
The large scope and increasing frequency of these breaches should encourage consumers to remember that while their phone numbers, credit cards, or photos may not be at risk today, in the field of data, we are all equal targets. Companies offering bug bounty rewards seem to understand this; regardless of whether you are a celebrity or a gamer, a grandmother or a college student, all personal data is worth protecting, and bug bounties help recruit programmers for the task.
If you think you have what it takes to be a bug bounty hunter, anyone that meets the requirements (which vary by company) can give it a try. You may even thwart the next big security hack—and don’t worry, the risk of being eaten by a sarlacc is minimal.