Teenager gets 1m air miles for discovering United bugs

Dutch security researcher gets mammoth payout as part of United Airlines' bug bounty programme

United Airlines has gifted a Dutch teenager with one million air miles after he discovered around 20 vulnerabilities in the company's systems.

According to the Dutch Broadcast Foundation, 19-year-old security researcher Oliver Beg used part of his reward to fly to the Black Hat and DEFCON security conferences in Las Vegas.

Advertisement - Article continues below

"There are a lot of hackers found vulnerabilities at United," he said. "For the most serious I got 250,000 miles." The round trip from Amsterdam to Las Vegas cost Beg 60,000 of his air miles, meaning that he could do the trip 15 more times and still have change left over.

The massive payout comes as part of United's bug bounty programme, which the company established last year. Bug bounties encourage security researchers to disclose flaws by offering rewards for reporting them and have been updated by major tech companies like Google, Facebook and - most recently - Apple.

However, while most companies simply offer cash rewards, United's programme offers air miles instead. This tactic has been criticised by some, who have suggested that researchers may not have as much use for air miles as for cold, hard cash.

On the other hand, Beg claimed that other attendees at the conferences had also travelled out using air miles from United's bounty programme. The company has already paid out bounties to several researchers, although only one other person has received a million-mile total.

Advertisement
Advertisement - Article continues below

Regardless of whether or not it's better to reward researchers with miles or money, the majority of experts agree that having some form of bug bounty programme is better than nothing.

Featured Resources

Navigating the new normal: A fast guide to remote working

A smooth transition will support operations for years to come

Download now

Putting a spotlight on cyber security

An examination of the current cyber security landscape

Download now

The economics of infrastructure scalability

Find the most cost-effective and least risky way to scale

Download now

IT operations overload hinders digital transformation

Clearing the path towards a modernised system of agreement

Download now
Advertisement

Recommended

Visit/security/ransomware/356292/university-of-california-gets-fleeced-by-hackers-for-114-million
ransomware

University of California gets fleeced by hackers for $1.14 million

30 Jun 2020
Visit/security/cyber-security/356289/australia-announces-135b-investment-in-cybersecurity
cyber security

Australia announces $1.35 billion investment in cyber security

30 Jun 2020
Visit/cloud/cloud-security/356288/csa-and-issa-form-cybersecurity-partnership
cloud security

CSA and ISSA form cyber security partnership

30 Jun 2020
Visit/business/policy-legislation/356215/senators-propose-a-bill-aimed-at-ending-warrant-proof-encryption
Policy & legislation

Senators propose a bill aimed at ending warrant-proof encryption

24 Jun 2020

Most Popular

Visit/laptops/29190/how-to-find-ram-speed-size-and-type
Laptops

How to find RAM speed, size and type

24 Jun 2020
Visit/security/vulnerability/356295/microsoft-patches-high-risk-flaws-that-can-be-exploited-with-a
vulnerability

Microsoft releases urgent patch for high-risk Windows 10 flaws

1 Jul 2020
Visit/business/policy-legislation/356256/uk-invested-about-ps500m-in-wrong-gps-satellites
Policy & legislation

UK gov buys "wrong" satellites in £500m blunder

29 Jun 2020