Forgot your password?
typodupeerror
Bug The Almighty Buck

GitHub Launches Bug Bounty Program, Offers Between $100 and $5,000 14

Posted by timothy
from the bounteous-maximus dept.
An anonymous reader writes "GitHub today launched the GitHub Bug Bounty program 'to better engage with security researchers.' In short, the company will pay between $100 and $5,000 for each security vulnerability discovered and responsibly disclosed by hackers. The program currently covers the GitHub API, GitHub Gist, and GitHub.com. GitHub says its other Web properties and applications are not part of the program, but it says vulnerabilities found 'may receive a cash reward at our discretion.'"
This discussion has been archived. No new comments can be posted.

GitHub Launches Bug Bounty Program, Offers Between $100 and $5,000

Comments Filter:
  • by Anonymous Coward

    Isn't the bounty range a little low?

  • by Anonymous Coward

    GitHub does not make the source code to it's software available under a free software license and includes non-free JavaScript. The service will also recommend non-free programs which is unethical. You should therefore not use the service, nor should you assist in improving it.

    • by Ibiwan (763664)
      Go home, RMS; you're drunk!
    • by yakatz (1176317)
      GitHub is one of the best designed Project-Hosting-as-a-Service websites that exists. They pay for hosting an untold number of free open-source repositories by selling their services to teams and companies. You can even buy a GitHub appliance that you host in your own network to make sure your code never leaves.

      If you want to use one of the "free as in speech" Git platforms, by all means, just do. But if you want a GUI, bug tracker, wiki, web hosting, etc. that cost a significant amount of money to develop

One small step for man, one giant stumble for mankind.

Working...