Teenager gets 1m air miles for discovering United bugs
Dutch security researcher gets mammoth payout as part of United Airlines' bug bounty programme
United Airlines has gifted a Dutch teenager with one million air miles after he discovered around 20 vulnerabilities in the company's systems.
According to the Dutch Broadcast Foundation, 19-year-old security researcher Oliver Beg used part of his reward to fly to the Black Hat and DEFCON security conferences in Las Vegas.
"There are a lot of hackers found vulnerabilities at United," he said. "For the most serious I got 250,000 miles." The round trip from Amsterdam to Las Vegas cost Beg 60,000 of his air miles, meaning that he could do the trip 15 more times and still have change left over.
The massive payout comes as part of United's bug bounty programme, which the company established last year. Bug bounties encourage security researchers to disclose flaws by offering rewards for reporting them and have been updated by major tech companies like Google, Facebook and - most recently - Apple.
However, while most companies simply offer cash rewards, United's programme offers air miles instead. This tactic has been criticised by some, who have suggested that researchers may not have as much use for air miles as for cold, hard cash.
On the other hand, Beg claimed that other attendees at the conferences had also travelled out using air miles from United's bounty programme. The company has already paid out bounties to several researchers, although only one other person has received a million-mile total.
Regardless of whether or not it's better to reward researchers with miles or money, the majority of experts agree that having some form of bug bounty programme is better than nothing.
Get the ITPro. daily newsletter
Receive our latest news, industry updates, featured resources and more. Sign up today to receive our FREE report on AI cyber crime & security - newly updated for 2024.
Adam Shepherd has been a technology journalist since 2015, covering everything from cloud storage and security, to smartphones and servers. Over the course of his career, he’s seen the spread of 5G, the growing ubiquity of wireless devices, and the start of the connected revolution. He’s also been to more trade shows and technology conferences than he cares to count.
Adam is an avid follower of the latest hardware innovations, and he is never happier than when tinkering with complex network configurations, or exploring a new Linux distro. He was also previously a co-host on the ITPro Podcast, where he was often found ranting about his love of strange gadgets, his disdain for Windows Mobile, and everything in between.
You can find Adam tweeting about enterprise technology (or more often bad jokes) @AdamShepherUK.