Wednesday, 24 June 2020

Sony will now pay researchers $50,000+ for critical PS4 bugs

Think you’ve found a way to consistently brick someone’s PS4, or make it run code that it shouldn’t? Sony wants to know — and now they’re willing to pay.

This morning Sony announced that it’s opening its bug bounty program to the public, and will pay for newly discovered bugs and exploits that impact either the PlayStation 4 or their online PlayStation Network.

Sony is pretty explicit about what kind of bugs they’re looking for: anything that hits “the PlayStation 4 system, operating system, accessories” in its current and/or beta form, or that impacts any of a handful of PlayStation Network domains/APIs. Tactics like socially engineering Sony employees or DDoSing their servers, meanwhile, aren’t allowed.

Bugs found in the PlayStation Network will have base bounties of $100-$3,000 or more (depending on severity), while critical bugs found related to the PS4 itself will pay $50,000 or more. You can see Sony’s breakdown, including what’s in/out of the program’s scope, right here.

(Note the focus on PlayStation 4. Finding a new way to break the ol’ PS2 is cool and all, but Sony won’t be dishing out any money for it.)

In a blog post announcing the bug bounty program, Sony notes that they’ve actually been running this program quietly with a handful of researchers for a while now — today, though, they’re opening it up to anyone with the skill and interest. The program’s HackerOne page says Sony has already paid out over $170,000 to researchers, with an average bounty of around $400.

Microsoft launched a similar bug bounty program for Xbox Live earlier this year.

https://ift.tt/31eNXGw

No comments:

Post a Comment