Jump to content

A Bug Bounty/Reward System for Reporting Vulnerabilities


yamamushi

Recommended Posts

I would like to see people who find vulnerabilities in the network stack behind Dual Universe, or even vulnerabilities on the website, etc, be rewarded for reporting those issues to NovaQuark.

 

Here's a short list of several companies that offer such rewards, either in the form of money, swag or a "hall of fame", to people who report major security issues to them about their sites and products:

 

https://bugcrowd.com/list-of-bug-bounty-programs

 

 

 

I know that most people here aren't going to be participating in such a program, but as the game grows, undoubtedly people with that kind of experience are going to be playing. 

 

 

Link to comment
Share on other sites

I would like to see people who find vulnerabilities in the network stack behind Dual Universe, or even vulnerabilities on the website, etc, be rewarded for reporting those issues to NovaQuark.

 

Here's a short list of several companies that offer such rewards, either in the form of money, swag or a "hall of fame", to people who report major security issues to them about their sites and products:

 

https://bugcrowd.com/list-of-bug-bounty-programs

 

 

 

I know that most people here aren't going to be participating in such a program, but as the game grows, undoubtedly people with that kind of experience are going to be playing. 

 

If it helps them fix bugs in there system or to even find things that people could be exploiting I would love to see this implemented at least in some way. Even if it was just a plex ingame or something not even real money (though a hall of fame as well would be kinda cool).

Link to comment
Share on other sites

Yeah, they should make this a thing. Network compromises can lead to hackers, or even worse, leaked personal info. Although there are many companies whose very trade is network security. I mean, unless it's DDOS attack that takes down the servers, you can't really hack a network entirelly. Subroutines keep the flow going in such cases... unless it's an inside job. Then, well, well played I guess on the hackers' part.

Link to comment
Share on other sites

This would be a great idea on a lesser extent too. Correct 10 typos and you get 100 free rare ores. Point out flaws in the voxel system and you get 1000 IG currency. Definitely reward the big fatal errors of course. It's just that there aren't many of those.

Link to comment
Share on other sites

I would be afraid this would flood NQ with frivolous reports by people looking for a reward.

 

And it would also give an excuse to anyone caught screwing around with things they shouldn't be. 

 

Making the game better should be reward enough.  Why incentivize people to hack the game?

Link to comment
Share on other sites

I would be afraid this would flood NQ with frivolous reports by people looking for a reward.

 

And it would also give an excuse to anyone caught screwing around with things they shouldn't be. 

 

Making the game better should be reward enough.  Why incentivize people to hack the game?

 

Because bad actors are going to be "hacking" the game anyways, you may as well reward the good actors who report the issues to the company rather than exploiting them for their own gain.

 

Google, Facebook, Twitter, Reddit, Valve, Microsoft, Blizzard, etc. all have these kinds of programs because they know it's more valuable to reward people for reporting security issues rather than punishing them. 

 

It saves companies money in the long run, both in having to find all of the issues themselves, and in the money that would be lost having to deal with a major compromise. 

 

There's a good chance even the software you're using to access the forums even has a bounty program behind it. 

 

https://en.wikipedia.org/wiki/Bug_bounty_program

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...