Skip to main content

Programmer hits the jackpot with United bug bounty program

united airlines delays computer glitch news major glitches halt all nyse trading and ground flights
Image used with permission by copyright holder
Jordan Weins has become the first researcher to claim a huge miles bounty form United Airlines in return for reporting a remote-code execution error in their site.

Back in May United Airlines began offering mile rewards for reporting bugs in their online systems. The move was largely a response to criticism the airline faced after it booted a programs researcher off one of its flights. The boot was a punishment they saw fit when the researcher tweet about an exploit he found in the flights onboard systems. The mile rewards is offered in tiers depending on the severity of the issue found and of course reported.

Recommended Videos

United said it will reward the finding of “basic third-party issues affecting its systems with 50,000 miles, exploits that could jeopardize the confidentiality of customer information get 250,000 miles, and major flaws related to remote-code execution earn a maximum of 1,000,000 miles.” Other companies have also been known to offer bounties in an attempt to dissuade savvy programmers from taking advantage of flaws and instead turn them in for cash. The list includes heavy-weight tech names like Google, Facebook, and Yahoo!.

Related: Major bug grounded United flights, halted trading on NYSE

It was the first time that Weins had ever submitted to a bug bounty program, and he had no intention of receiving the grand prize. “There were actually two bugs that I submitted that I were pretty sure were remote code execution, but I also thought they were lame and wasn’t sure if they were on parts of the infrastructure that qualified,” Wiens told the ThreatPost security blog. “My expectation was that they counted, but I figured they’d award me 50,000 miles or something smaller.” One can imagine his surprise when United Airlines contacted Weins and told him to check his account, wherein he found many a vacation waiting for him.

While the gesture is certainly good for United publicity, it may also serve as bait for future researchers to submit, hoping to get the grand prize. Best of luck to all the hackers out there.

Andre Revilla
Former Digital Trends Contributor
Andre Revilla is an entrepreneur and writer from Austin, TX that has been working in and covering the consumer tech space for…
Google’s Android bug bounty program announces a $1 million prize
pixel 4 xl screen vs pixel 3 xl screen

Google has been handing out cash rewards to Android bug hunters since 2015 in an effort to keep the mobile operating system safe and secure and running smoothly.

This week the Mountain View, California-based company announced it is increasing its top payout to a whopping $1 million, with a potential for a 50% bonus that pushes it to $1.5 million.

Read more
Just buy a new laptop? Here’s how to know if you should return it
An Apple MacBook Pro 14 sits open on a table.

So, you just bought a shiny new laptop and pulled it out of its box. You're dying to fire it up and start playing around with it -- I still have that feeling even after unboxing over 200 different machines. Each one is new and different, and that appeals to the part of our brains that craves novelty.

But there's no worse feeling than realizing there's a problem with it after your return period ends. There's no good reason to hold on to a machine with a significant flaw when a simple return is available, so here are a few things to look for that can help you avoid getting stuck with a lemon or spending hours dealing with warranty support.

Read more
How to take a screenshot on a Windows PC or laptop
Dell XPS 15 OLED laptop sitting on a small table.

Screenshots are incredibly helpful for capturing images on your desktop, but the method for taking one on a Windows laptop or PC may not be immediately obvious if you haven't done it before.

Read more