Home
Others
Others News
HP Ready to Pay Hackers Up to $10,000 for Finding Software Flaws in Its Printers

HP Ready to Pay Hackers Up to $10,000 for Finding Software Flaws in Its Printers

By Tasneem Akolawala | Updated: 31 July 2018 18:33 IST

Click Here to Add Gadgets360 As A Trusted Source

Highlights

Researchers can earn up to $10,000 in reward from HP
HP bug bounty program is private for now with 34 researchers
These researchers are given access to 15 HP printers

In a new development, HP has announced a new bug bounty program to improve security of its printers. The company claims that it is willing to shell out as much as $10,000 (roughly Rs. 6,85,300) to any researcher who discovers a serious software flaw in its printer line-up. HP claims that this program is private for now, and is based on an invite-only model, but it plans to make it public in the future. For now, invited researchers are given access to a set 15 different HP printers to pry and poke into, and find out vulnerabilities, if there are any.

CNET reports that HP started this bug bounty program in May this year, and has already given $10,000 prize to one researcher who pointed out a critical vulnerability. The program has 34 researchers on board at present.

Shivaun Albright, the company's chief technologist for printer security, told CNET that HP is focused on printer security because of how vulnerable Internet of Things devices are. While there's a heavy focus on connected devices and their security flaws, it's often on web cameras, smart televisions or light bulbs, but not printers.

HP's new bug bounty program will be run through BugCrowd, and is based on invite-only basis to better manage incoming vulnerabilities. The company has given access to these select researchers, to 15 HP printers located in its offices. These researchers can then dig into these printers' software and find vulnerabilities from their computers sitting at home.

Google also indulges in such a program where it gives out rewards to all researchers for finding critical bugs and reporting them to Google before they are misused. Many researchers do this as a full time job even, gaining good chunk of rewards, by snooping into Google's software services and reporting vulnerabilities. As part of Google's Vulnerability Reward Program (VRP), the tech giant paid out almost $3 million (roughly Rs. 19 crores) to security researchers in 2017 as rewards for the vulnerabilities they found in its products and services.

Comments

Get your daily dose of tech news, reviews, and insights, in under 80 characters on Gadgets 360 Turbo. Connect with fellow tech lovers on our Forum. Follow us on X, Facebook, WhatsApp, Threads and Google News for instant updates. Catch all the action on our YouTube channel.