Tuesday 26 July 2016

Twitter Awards $10K To Hacker Who Discovered Flaw In Vine

Source code essentially runs a program, be it a webpage or an app. So when that code is made available to the public, it not only opens the door to copycats, it gives competitors and hackers a look under the hood. Thankfully for Twitter, the person who found a security flaw that left the source code for its short-form video platform vulnerable didn’t have nefarious plans. And now he’s on the receiving end of $10,000. 

Mashable reports that the white-hat hacker, who goes by the pseudonym “avicoder,” received a $10,080 “bug bounty” from Twitter for uncovering the security flaw that could have allowed ne’er-do-wells to make an exact replica of Vine to phish other users.

The hacker, who detailed his findings in a blog post, says he uncovered the issue while looking for vulnerabilities with a network-scanning search engine.

He found that he was able to download Vine’s entire source code through a public docker image and use the code to host a replica of the service locally.

The India-based hacker says that he’s found 15 other bugs in Twitter so far, and had received other bounties from the company.

Twitter announced in May that it had paid out a total of $322,420 to researchers for uncovering flaws in its products. The highest payout was $12,040, Mashable reports.

Twitter awards $10,080 to hacker for discovering security flaw in Vine [Mashable]


by Ashlee Kieler via Consumerist

No comments:

Post a Comment