Welcome to 018! This week's episode is the first of the year, and we're joined by longtime regular Fahmida Rashid to talk about DJI's bounty problems and a pitch about video surveillance programs. We also talk about what we think will make headlines this year.

DJI’s bug bounty:

Researcher Kevin Finisterre posted an essay describing his experiences with the DJI bug bounty program, ultimately walking away from a $30,000 payout due to interactions with the company. A copy of his essay is available via The Register.

In short, Finisterre and the others he worked with discovered sensitive information exposed on AWS. When he queried DJI about the findings and asked if they were within the scope of its bug bounty, the company responded (after lots of back and forth) that they were and offered him a bounty of $30,000 USD.
