Teenager gets 1m air miles for discovering United bugs
Dutch security researcher gets mammoth payout as part of United Airlines' bug bounty programme
United Airlines has gifted a Dutch teenager with one million air miles after he discovered around 20 vulnerabilities in the company's systems.
According to the Dutch Broadcast Foundation, 19-year-old security researcher Oliver Beg used part of his reward to fly to the Black Hat and DEFCON security conferences in Las Vegas.
"There are a lot of hackers found vulnerabilities at United," he said. "For the most serious I got 250,000 miles." The round trip from Amsterdam to Las Vegas cost Beg 60,000 of his air miles, meaning that he could do the trip 15 more times and still have change left over.
The massive payout comes as part of United's bug bounty programme, which the company established last year. Bug bounties encourage security researchers to disclose flaws by offering rewards for reporting them and have been updated by major tech companies like Google, Facebook and - most recently - Apple.
However, while most companies simply offer cash rewards, United's programme offers air miles instead. This tactic has been criticised by some, who have suggested that researchers may not have as much use for air miles as for cold, hard cash.
On the other hand, Beg claimed that other attendees at the conferences had also travelled out using air miles from United's bounty programme. The company has already paid out bounties to several researchers, although only one other person has received a million-mile total.
Regardless of whether or not it's better to reward researchers with miles or money, the majority of experts agree that having some form of bug bounty programme is better than nothing.