AfterDawn: Tech news

Kim Dotcom offers money for Mega hacks

Written by James Delahunty @ 03 Feb 2013 3:34 User comments (3)

Kim Dotcom offers money for Mega hacks

Kim Dotcom offers cash for bugs.
The freshly launched Mega cloud storage service is putting its security to the test with cash prizes for hackers who can find bugs in the service. Successful breaches of Mega security could net an enthusiast up to 10,000.

"We have, however, also suffered three direct hits, and we want more! To improve MEGA's security, we are offering rewards to anyone reporting a previously unknown security-relevant bug or design flaw," The Mega site reads.

The following type of bugs qualify for payment...
  • Remote code execution on any of our servers (including SQL injection)
  • Remote code execution on any client browser (e.g., through XSS)
  • Any issue that breaks our cryptographic security model, allowing unauthorized remote access to or manipulation of keys or data
  • Any issue that bypasses access control, allowing unauthorized overwriting/destruction of keys or user data
  • Any issue that jeopardizes an account's data in case the associated e-mail address is compromised
There is an even longer list of bugs/hacks that DON'T count on the original post.

There is also a "bonus bounty" on offer to earn the maximum reward. Mega challenges you to send them the key that will decrypt this file, as well as one other challenge to send a password encoded in a particular sign-up confirmation link.

More Info: Mega

Previous Next  

3 user comments

13.2.2013 23:21

He is not that sure about it himself so he offers this small amount.

24.2.2013 12:32

Do you honestly think Kim Dotcom is as big as, say, Google? It's not an unreasonable amount; it's quite unfair to expect millions of dollars.

38.2.2013 16:44

Who cares if he's unsure, and it's not millions. If he's going to pay, and he can afford it, I frankly think it's a good idea. The script kiddies this is going to attract are probably (well some) far more competent than the best "security experts". Good way to get security fast.
I don't drink his kool-aid, but go him and good luck.

Comments have been disabled for this article.

News archive