Establishing Digital Trust: Don't Sacrifice Security for Convenience
Secure messaging app provider Wickr recently announced a new bug bounty program under which it will pay as much as $100,000 to any hacker who uncovers and responsibly discloses a critical security flaw in its app that compromises the confidentiality or integrity of user data (h/t VentureBeat).
"We will also consider paying the same amount for defense techniques and novel approaches to eliminating the vulnerability that are submitted at the same time," Wickr co-founder and CTO Robert Statica said in a statement [PDF]. "Our goal is to make this the most generous and successful bounty program in the world."
Still, the company says any flaws must be responsibly disclosed.
"To allow sufficient time for internal review and remediation, and to qualify for reward, qualifying security bugs submitted under this program cannot be disclosed or reported to any third party within three (3) months of the date of submission without our written permission," the program rules state.https://o1.qnsr.com/log/p.gif?;n=203;c=204650394;s=9477;x=7936;f=201801171506010;u=j;z=TIMESTAMP;a=20392931;e=i
Submissions should be sent to firstname.lastname@example.org.