Samsung is the latest inward the listing of tech companies to launch a põrnikas bounty program, announcing that the South Korean electronics giant volition offering rewards of upwards to $200,000 to anyone who discovers vulnerabilities inward its mobile devices together with associated software.
Dubbed Mobile Security Rewards Program, the newly-launched põrnikas bounty programme volition encompass 38 Samsung mobile devices released from 2016 onwards which currently have monthly or quarterly safety updates from the company.
So, if you lot desire to accept business office inward the Samsung Mobile Security Rewards Program, you lot cause got these devices every bit your target—the Milky Way S, Milky Way Note, Milky Way A, Milky Way J, together with the Milky Way Tab series, every bit good every bit Samsung's flagship devices, the S8, S8+, together with Note 8.
"We accept safety together with privacy issues real seriously; together with every bit an appreciation for helping Samsung Mobile ameliorate the safety of our products together with minimizing opportunity to our end-consumers, nosotros are offering a rewards programme for eligible safety vulnerability reports," the companionship explains on its bug bounty website.
"We hold off frontwards to your continued interests together with participations inward our Samsung Mobile Security Rewards Program. Through this rewards program, nosotros hope to gear upwards together with hold valuable relationships alongside researchers who coordinate disclosure of safety issues alongside Samsung Mobile."Not only mobile devices, the tech giant's Mobile Services suite is every bit good business office of its põrnikas bounty program, which volition every bit good encompass apps together with services such every bit Bixby, Samsung Account, Samsung Pay, Samsung Pass, amid others.
For the eligibility of a reward, researchers together with põrnikas hunters ask to furnish a valid proof-of-concept (PoC) exploit that tin strength out compromise a Samsung handset without requiring whatever physical connector or third-party application.
The companionship volition evaluate the vantage depending on the severity score of the vulnerability (Critical, High, Moderate, together with Low) together with its touching on devices. The to the lowest degree vantage is $200, which is for low-severity flaws, acre the highest vantage is $200,000, which is for critical bugs.
The Higher vantage volition hold upwards offered for bugs that atomic number 82 to trusted execution surroundings (TEE) or Bootloader compromise. The score of severity volition hold upwards determined past times Samsung.
Samsung’s bounty of $200,000 is equal to the bounty vantage offered nether Apple's põrnikas bounty program but is slightly lower than Microsoft's newly launched bounty programme that offers $250,000 for Windows x safety bugs.
Following the path of major tech companies, the non-profit grouping behind Tor Project late joined hands alongside HackerOne to launch its own põrnikas bounty program, alongside the highest payout for the flaws has been kept $4,000.
So, what you lot are waiting for? Hunt for bugs inward Samsung products together with submit your findings to the companionship via the Security Reporting page.
