HP Ready to Pay Hackers Up to $10,000 for Finding Software Flaws in Its Printers
Advertisement
Highlights
- Researchers can earn up to $10,000 in reward from HP
- HP bug bounty program is private for now with 34 researchers
- These researchers are given access to 15 HP printers
In a new development, HP has announced a new bug bounty program to improve security of its printers. The company claims that it is willing to shell out as much as $10,000 (roughly Rs. 6,85,300) to any researcher who discovers a serious software flaw in its printer line-up. HP claims that this program is private for now, and is based on an invite-only model, but it plans to make it public in the future. For now, invited researchers are given access to a set 15 different HP printers to pry and poke into, and find out vulnerabilities, if there are any.
CNET reports that HP started this bug bounty program in May this year, and has already given $10,000 prize to one researcher who pointed out a critical vulnerability. The program has 34 researchers on board at present.
Shivaun Albright, the company's chief technologist for printer security, told CNET that HP is focused on printer security because of how vulnerable Internet of Things devices are. While there's a heavy focus on connected devices and their security flaws, it's often on web cameras, smart televisions or light bulbs, but not printers.
HP's new bug bounty program will be run through BugCrowd, and is based on invite-only basis to better manage incoming vulnerabilities. The company has given access to these select researchers, to 15 HP printers located in its offices. These researchers can then dig into these printers' software and find vulnerabilities from their computers sitting at home.
Advertisement
Google also indulges in such a program where it gives out rewards to all researchers for finding critical bugs and reporting them to Google before they are misused. Many researchers do this as a full time job even, gaining good chunk of rewards, by snooping into Google's software services and reporting vulnerabilities. As part of Google's Vulnerability Reward Program (VRP), the tech giant paid out almost $3 million (roughly Rs. 19 crores) to security researchers in 2017 as rewards for the vulnerabilities they found in its products and services.
For the latest tech news and reviews, follow Gadgets 360 on X, Facebook, WhatsApp, Threads and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel. If you want to know everything about top influencers, follow our in-house Who'sThat360 on Instagram and YouTube.
Further reading:
HP
Advertisement