UPDATED 04:46 EST / MAY 15 2015

NEWS

Come fly with me: United offers FF points in new bug bounty program

United Airlines, Inc. has launched a new bug bounty program that rewards those who find security flaws with frequent flyer points.

According to reports, the new program provides the points in return for those who report flaws on United’s website and mobile app; not surprisingly though the program excludes finding flaws with onboard Wi-Fi, entertainment systems or avionics.

“At United, we take your safety, security and privacy seriously. We utilize best practices and are confident that our systems are secure. We are committed to protecting our customers’ privacy and the personal data we receive from them, which is why we are offering a bug bounty program — the first of its kind within the airline industry” United says in a statement on their website.

“We believe that this program will further bolster our security and allow us to continue to provide excellent service. If you think you have discovered a potential bug that affects our websites, apps and/or online portals, please let us know. If the submission meets our requirements, we’ll gladly reward you for your time and effort.”

To participate, researchers or the naturally curious must be a MileagePlus member (United’s frequent flyer program) of good standing, and can not be an employee of United Airlines, any Star Alliance member airline or any other partner airline, or live in a household with someone that does.

Naturally the airline adds “the researcher submitting the bug must not be the author of the vulnerable code.”

Rewards range from 50,000 points for low-level bugs such as cross-site scripting, 250,000 points for mid-level issues including vulnerability to brute force attacks, authentication bypasses and the ability to access private information, through to 1 million points for vulnerability to remote code execution.

How well the program will be received by those in the security field is yet to be seen; while the likes of Google and Facebook Inc. offer cash rewards for finding bugs, there might be a some out there who are keen United flyers.

Details of how to submit a bug under the program are available on United’s Bug Bounty site.

Image credit: aero_icarus/Flickr/CC by 2.0

A message from John Furrier, co-founder of SiliconANGLE:

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy

THANK YOU