Kim Dotcom offers money for Mega hacks

Kim Dotcom offers money for Mega hacks
Kim Dotcom offers cash for bugs.

The freshly launched Mega cloud storage service is putting its security to the test with cash prizes for hackers who can find bugs in the service. Successful breaches of Mega security could net an enthusiast up to 10,000.



"We have, however, also suffered three direct hits, and we want more! To improve MEGA's security, we are offering rewards to anyone reporting a previously unknown security-relevant bug or design flaw," The Mega site reads.

The following type of bugs qualify for payment...
  • Remote code execution on any of our servers (including SQL injection)
  • Remote code execution on any client browser (e.g., through XSS)
  • Any issue that breaks our cryptographic security model, allowing unauthorized remote access to or manipulation of keys or data
  • Any issue that bypasses access control, allowing unauthorized overwriting/destruction of keys or user data
  • Any issue that jeopardizes an account's data in case the associated e-mail address is compromised
There is an even longer list of bugs/hacks that DON'T count on the original post.

There is also a "bonus bounty" on offer to earn the maximum reward. Mega challenges you to send them the key that will decrypt this file, as well as one other challenge to send a password encoded in a particular sign-up confirmation link.

More Info: Mega

Written by: James Delahunty @ 3 Feb 2013 15:34
Tags
Kim Dotcom Mega
Advertisement - News comments available below the ad
  • 3 comments
  • pollution

    He is not that sure about it himself so he offers this small amount.

    3.2.2013 23:21 #1

  • Bozobub

    Do you honestly think Kim Dotcom is as big as, say, Google? It's not an unreasonable amount; it's quite unfair to expect millions of dollars.

    4.2.2013 12:32 #2

  • Tarsellis

    Who cares if he's unsure, and it's not millions. If he's going to pay, and he can afford it, I frankly think it's a good idea. The script kiddies this is going to attract are probably (well some) far more competent than the best "security experts". Good way to get security fast.
    I don't drink his kool-aid, but go him and good luck.

    8.2.2013 16:44 #3

© 2023 AfterDawn Oy

Hosted by
Powered by UpCloud