Blackphone & Silent Circle debut bug bounty programme
Two companies want to guarantee robustness of systems by encouraging users to find flaws and win money
Blackphone and Silent Circle have launched bug bounty programmes to reward security researchers for finding flaws in either the phone or Silent Cicle's network services and cloud infrastructure.
The programme aimed at Blackphone will focus on bugs in PrivatOS as well as update servers, and associated web portals.
The Silent Circle programme encompasses vulnerabilities in Silent Circle endpoint applications on supported OSes, Silent Circle network services and cloud infrastructure, and associated websites and web services.
Both programs offer a minimum reward of $128 per qualifying vulnerability; however, that reward could vary depending on the severity and type of bug.
"Ensuring the privacy of its users is at the core of what do, making security of the utmost importance," said Toby Weir-Jones, CEO of Blackphone.
"By launching our Bugcrowd bug bounty program, both companies are assuring their customers that their smartphone and communication software is subjected to the latest testing and assessment techniques, while providing a form of compensation for successful contributors."
Daniel Ford, CSO of Blackphone and Silent Circle, said the firm had high expectations for security and privacy. "In order to deliver on our expectations we must continually build a strong relationship with the security research community," he added.
Get the ITPro. daily newsletter
Receive our latest news, industry updates, featured resources and more. Sign up today to receive our FREE report on AI cyber crime & security - newly updated for 2024.
Blackphone started shipping back in June after its launch at the MWC in February.
The phone's OS is based on Android KitKat 4.4 and features Silent Circle's secure phone, text, and contacts suite of apps. The phone is a joint venture between Swiis-based Silent Circle and Spanish smartphone make Geeksphone.
The phone is designed to protect users from government surveillance programmes with encrypted text, calls and cloud storage. It is positioned in the market to be a competitor to Blackberry.
The Blackphone and Silent Circle bug bounty program comes as Microsoft launches its own programme to find flaws in its cloud offerings, offering a minimum payment of $500.
Rene Millman is a freelance writer and broadcaster who covers cybersecurity, AI, IoT, and the cloud. He also works as a contributing analyst at GigaOm and has previously worked as an analyst for Gartner covering the infrastructure market. He has made numerous television appearances to give his views and expertise on technology trends and companies that affect and shape our lives. You can follow Rene Millman on Twitter.