Catch up on stories from the past week (and beyond) at the Slashdot story archive


Forgot your password?

Slashdot videos: Now with more Slashdot!

  • View

  • Discuss

  • Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).

Bug The Almighty Buck

GitHub Launches Bug Bounty Program, Offers Between $100 and $5,000 14

Posted by timothy
from the bounteous-maximus dept.
An anonymous reader writes "GitHub today launched the GitHub Bug Bounty program 'to better engage with security researchers.' In short, the company will pay between $100 and $5,000 for each security vulnerability discovered and responsibly disclosed by hackers. The program currently covers the GitHub API, GitHub Gist, and GitHub says its other Web properties and applications are not part of the program, but it says vulnerabilities found 'may receive a cash reward at our discretion.'"
This discussion has been archived. No new comments can be posted.

GitHub Launches Bug Bounty Program, Offers Between $100 and $5,000

Comments Filter:
  • by Anonymous Coward

    Isn't the bounty range a little low?

  • by Anonymous Coward

    GitHub does not make the source code to it's software available under a free software license and includes non-free JavaScript. The service will also recommend non-free programs which is unethical. You should therefore not use the service, nor should you assist in improving it.

    • by Ibiwan (763664)
      Go home, RMS; you're drunk!
    • by yakatz (1176317)
      GitHub is one of the best designed Project-Hosting-as-a-Service websites that exists. They pay for hosting an untold number of free open-source repositories by selling their services to teams and companies. You can even buy a GitHub appliance that you host in your own network to make sure your code never leaves.

      If you want to use one of the "free as in speech" Git platforms, by all means, just do. But if you want a GUI, bug tracker, wiki, web hosting, etc. that cost a significant amount of money to develop

fortune: cannot execute. Out of cookies.