Technology, Top News

The EU opens its own bug bounty program for open source software

IN PRECISELY 86 DAYS – unless something dramatic happens – Britain’s 73 MEPs will lose their hard-earned (citation needed) European Union salary. For those that want one more hit of EU gravy after handing in the door pass, there is another way: finding bugs in open source software.

Bug bounties are nothing new, but they tend to be offered by companies with deep enough cash reserves to fund them, for obvious reasons. Facebook, Google, Microsoft and many others essentially pay people to find flaws in their software, so they can patch them before somebody else uses it to cause them bigger headaches further down the line.

So why is the EU getting in on the act? Simply because it uses open source software, and said programmes rely on the community to catch potential exploits. That’s proved pretty efficient in the past, but with the EU representing the interest of 28 countries – well, 27 and one putting on its coat to leave – one small exploit could cause a lot of big problems.

As such, German Pirate Party MEP Julia Reda has unveiled the bug bounty program for 15 pieces of software favoured in Brussels and beyond: 7-zip, Apache Kafka, Apache Tomcat, Digital Signature Services (DSS), Drupal, Filezilla, FLUX TL, the GNU C Library (glibc), KeePass, midPoint, Notepad++, PuTTY, the Symfony PHP framework, VLC Media Player and WSO2.

“The issue made lots of people realise how important Free and Open Source Software is for the integrity and reliability of the Internet and other infrastructure,” Reda said in her announcement. “Like many other organisations, institutions like the European Parliament, the Council and the Commission build upon Free Software to run their websites and many other things.”

Bounties range from €25,000 (~£22,500) for poking holes in DSS, all the way up to €90,000 (~£81,000) for moulding PuTTY to your will.

It may not be enough to warrant one of those little blue EU funding plaques for your front door, but it’s still a decent wodge of cash. µ

Further reading

Source : Inquirer

Previous ArticleNext Article
Founder and Editor-in-Chief of 'Professional Hackers India'. Technology Evangelist, Security Analyst, Cyber Security Expert, PHP Developer and Part time hacker.

Send this to a friend