Jump to content
Sign in to follow this  
yamamushi

A Bug Bounty/Reward System for Reporting Vulnerabilities

Recommended Posts

I would like to see people who find vulnerabilities in the network stack behind Dual Universe, or even vulnerabilities on the website, etc, be rewarded for reporting those issues to NovaQuark.

 

Here's a short list of several companies that offer such rewards, either in the form of money, swag or a "hall of fame", to people who report major security issues to them about their sites and products:

 

https://bugcrowd.com/list-of-bug-bounty-programs

 

 

 

I know that most people here aren't going to be participating in such a program, but as the game grows, undoubtedly people with that kind of experience are going to be playing. 

 

 

Share this post


Link to post
Share on other sites

I would like to see people who find vulnerabilities in the network stack behind Dual Universe, or even vulnerabilities on the website, etc, be rewarded for reporting those issues to NovaQuark.

 

Here's a short list of several companies that offer such rewards, either in the form of money, swag or a "hall of fame", to people who report major security issues to them about their sites and products:

 

https://bugcrowd.com/list-of-bug-bounty-programs

 

 

 

I know that most people here aren't going to be participating in such a program, but as the game grows, undoubtedly people with that kind of experience are going to be playing. 

 

If it helps them fix bugs in there system or to even find things that people could be exploiting I would love to see this implemented at least in some way. Even if it was just a plex ingame or something not even real money (though a hall of fame as well would be kinda cool).

Share this post


Link to post
Share on other sites

Yeah, they should make this a thing. Network compromises can lead to hackers, or even worse, leaked personal info. Although there are many companies whose very trade is network security. I mean, unless it's DDOS attack that takes down the servers, you can't really hack a network entirelly. Subroutines keep the flow going in such cases... unless it's an inside job. Then, well, well played I guess on the hackers' part.

Share this post


Link to post
Share on other sites

This would be a great idea on a lesser extent too. Correct 10 typos and you get 100 free rare ores. Point out flaws in the voxel system and you get 1000 IG currency. Definitely reward the big fatal errors of course. It's just that there aren't many of those.

Share this post


Link to post
Share on other sites

I would be afraid this would flood NQ with frivolous reports by people looking for a reward.

 

And it would also give an excuse to anyone caught screwing around with things they shouldn't be. 

 

Making the game better should be reward enough.  Why incentivize people to hack the game?

Share this post


Link to post
Share on other sites

I would be afraid this would flood NQ with frivolous reports by people looking for a reward.

 

And it would also give an excuse to anyone caught screwing around with things they shouldn't be. 

 

Making the game better should be reward enough.  Why incentivize people to hack the game?

 

Because bad actors are going to be "hacking" the game anyways, you may as well reward the good actors who report the issues to the company rather than exploiting them for their own gain.

 

Google, Facebook, Twitter, Reddit, Valve, Microsoft, Blizzard, etc. all have these kinds of programs because they know it's more valuable to reward people for reporting security issues rather than punishing them. 

 

It saves companies money in the long run, both in having to find all of the issues themselves, and in the money that would be lost having to deal with a major compromise. 

 

There's a good chance even the software you're using to access the forums even has a bounty program behind it. 

 

https://en.wikipedia.org/wiki/Bug_bounty_program

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
Sign in to follow this  

×
×
  • Create New...