You might not think that being a hacker could be a profession, at least not a legitimate one. But not all hackers are out to crack open systems to reveal private data and such. There’s an entire industry of people who essentially act as bounty hunters for large companies who want to keep their platforms secure.
Today, Uber announced that they would be starting a bounty program for bugs within its systems. They’re offering up to $10,000 to anyone who can find a critical bug in their app. They don’t just want you to find one bug and be done, either. They’re also offering additional rewards for people who continue to find exploits within their system.
Not all of the bugs will be worth the full $10k amount. Smaller bugs will be worth smaller amounts (the lowest being $3,000). But the good news is that if you find 4 bugs within the first 90 days, you’ll get a bonus when you turn in additional ones. The bonus is equal to 10% of the average payout of the other bugs you’ve found in that period.
If you’re wanting to get in on this gravy train, they’re going to give you a nice head start. They’re going to offer up a document that they’re calling “The Treasure Map.” While it won’t lead you straight to the bugs, it will give you an outline of the best places to look for vulnerabilities.
Uber has outlined the specific types of bugs and vulnerabilities that they’re looking for on their hackerone page.