United Airlines bug bounty program pays in air miles

The friendly skies just got friendlier for vulnerability researchers, now that United Airlines has followed in the footsteps of Twitter, Facebook and others to offer a bug bounty of its own that will pay millions - in air miles, that is - rather than dollars.

United will award up to one million award miles to researchers who discover severe vulnerabilities, though they'll first have to be a member “in good standing” of United's MileagePlus program to claim their rewards. The airline noted that a bug must be a new discovery to be eligible and the reward will go to the first researcher who submits it. In addition, whoever discovers a bug can't reside in a country that appears on a U.S. sanctions list, nor can he or she be the author of the vulnerable code or an employee of the airline or its partners.

You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

TOP COMMENTS