Oath Makes it Easier to Find Bugs on AOL, Yahoo, Tumblr

Oath is getting serious about security with a new unified bug bounty program.

SecurityWatch Until now, several brands siting under the Adjuration umbrella—AOL, Yahoo, Tumblr, and Verizon Digital Media Services (VDMS)—have had their own big bounty programs. Starting today, they will come up together as office of a combined program on the bug compensation platform HackerOne.

"Security researchers will be able to work on the AOL, VDMS and Tumblr properties on an invite-only basis, while the Yahoo properties volition be open to the public," Adjuration CISO and "Paranoid in Chief" Chris Nims announced in a blog mail. "Importantly, every Adjuration property is under the purview of the unified program."

To kicking off new program, Oath invited 40 white hats to San Francisco last weekend to hack its systems. Following the nine-hour hackathon, Oath ended upwardly paying more than $400,000 in bounties.

"Surfacing vulnerabilities and resolving them earlier our adversaries tin can exploit them is essential in helping us build brands people dearest and trust," Nims wrote.

Oath hasn't nonetheless specified exactly how much researchers can earn from their responsible disclosures, but said its plan "offers some of the almost competitive rewards." Both Google and Apple offer maximum bug bounty payouts of $200,000.

Oath said information technology will take into account "what data might have been exposed, the sensitivity of that data, the function that data plays, network location and the permissions of the server involved." The visitor advised researchers to "include thorough explanations with their problems reporting" for the highest potential payouts.

The motility comes about a twelvemonth and a one-half after Yahoo disclosed that up to 1 billion accounts were breached.

Most Angela Moscaritolo

Angela Moscaritolo

Angela Moscaritolo is PCMag's expert on fitness and smart dwelling house products. Teaching yoga for well-nigh 10 years has helped her in evaluating a range of connected health products including fitness trackers, heart rate monitors, rowers, smart scales, stationary bikes, strength training machines, treadmills, and more than. Angela also tests smart home devices from her ranch in Florida, including air purifiers, kitchen appliances, and robot vacuums, only to name a few.