Welcome to ! This week’s episode is the first of the year, and we’re joined by longtime regular Fahmida Rashid to talk about DJI’s bounty problems and a pitch about . We also talk about what we think will make headlines this year.

DJI’s bug bounty:

Researcher Kevin Finisterre posted an essay describing his experiences with the DJI bug bounty program, ultimately walking away from a $30,000 payout due to interactions with the company. A copy of his essay is available via The Register.

In short, Finisterre and the others he worked with discovered sensitive information exposed on AWS. When he queried DJI about the findings and asked if they were within the scope of its bug bounty, the company responded (after lots of back and forth) that they were and offered him a bounty of $30,000 USD.
