Thank the hackers. This week's Heartbleed vulnerability has everyone running scared (see box below
to read what you might do to protect yourself). The serious crack in
the foundations of the supposedly secure internet was revealed earlier
this week by a software engineer probing website security in his spare
time. He received a cash bounty for his work, which he then donated to
the Freedom of the Press Foundation, an organisation that funds
encryption tools for journalists.
The idea of publicly rewarding people who discover bugs could greatly improve internet security. New Scientist spoke with Merijn Terheggen, CEO and co-founder of HackerOne,
the platform through which Google's Neel Mehta received his $15,000
reward. Terheggen hopes that Heartbleed will be the first of many
vulnerabilities HackerOne turns up. If his vision is fulfilled, then the
rewards for discovering these dangerous holes in internet security will
ramp up quickly, both in financial and reputational terms.
How can crowdsourcing fix the internet?
Any bug can be found if enough people are looking for it. We want to adopt a similar model to Wikipedia
for securing the internet. Ten years ago no one would have ever
believed that an encyclopaedia written by random strangers from the
internet would be better than the Encyclopedia Britannica, but
that's the power of crowdsourcing. HackerOne builds both financial and
reputation rewards right into the process of vulnerability disclosure. FULL ARTICLE HERE
Any bug can be found if enough people are looking for it. We want to adopt a similar model to Wikipedia
for securing the internet. Ten years ago no one would have ever
believed that an encyclopaedia written by random strangers from the
internet would be better than the Encyclopedia Britannica, but
that's the power of crowdsourcing. HackerOne builds both financial and
reputation rewards right into the process of vulnerability disclosure. FULL ARTICLE HERE
No comments:
Post a Comment