Qualcomm Offers $15K Reward for Security Bugs

...

Qualcomm was left red-faced back in August at the DEF CON hacking conference when four vulnerabilities, named under the collective term "Quadrooter," were revealed for the company's chipsets. They allow complete access to any gadget running the vulnerable chips, which turns out to be around 900 million Android devices.

Qualcomm wants to avoid exploits of this scale ever happening in its products again, and so the company is launching a bug bounty program. In return for discovering and reporting security bugs, Qualcomm is offering up to $15,000 per bug as a reward.

The bug bounty program was created in collaboration with Hackerone, which touts itself as "the first vulnerability coordination and bug bounty platform." Hackerone was formed by security professionals from Facebook, Microsoft, and Google.

Qualcomm is running a closed program where it invites security researchers to take part. Initially, researchers who have already contributed to the security of Qualcomm's products will be able to sign up, but more researchers will regularly be invited to join.

A list of the chipset families Qualcomm wants security researchers to review is available, it includes the following products:

Rewards are offered for finding vulnerabilities in the following areas:

The rewards range from under $1,000 right up to the $15,000 maximum. To be eligible for $15K, Qualcomm needs to see a critical cellular modem vulnerability. A full list of pay outs for the different types of vulnerability can be seen on the Qualcomm Hackerone bug bounty program page.

Categories
APPLICATIONS
0 Comment

Leave a Reply

Captcha image


RELATED BY

  • 5300c769af79e

    12 Ways AI Will Disrupt Your C-Suite

    McKinsey & Company estimates that as much as 45% of the tasks currently performed by people can be automated using existing technologies.Artificial Intelligence (AI) is gaining momentum across industries with the help of companies such as IBM, Google, and Microsoft.
  • 5300c769af79e

    Oculus Riles Users Over Piracy Block That Fails Anyway

    4 of the Oculus App blocked a hack from LibreVR called "Revive," which allowed users to play Oculus games on rival systems, including the HTC Vive and Valve.This release bypasses the Oculus Platform DRM in Unreal Engine games, so the entitlement check doesn't fail because the headset isn't connected.
  • 5300c769af79e

    YouTube Mobile Live Streaming Launch Targets Facebook

    Google-owned YouTube plans to bring live streaming to its mobile app, a direct attack on recent moves made by Facebook.Creating and sharing video content from mobile devices is nothing new, but the immediacy of live streaming is all the rage these days.
  • 5300c769af79e

    Government IT News, Analysis, & Advice

    Dawn KawamotoBy Freelance Writer and Editor, 4/20/2016ReadPost a Comment @vnewman2   Good point.Michelle MaistoBy Freelance Writer, 4/20/2016ReadPost a Comment "It is easy to call on Congress to take on an issue -- but you better be prepared.