• Home
  • About
    • Where has GhettoIFE gone?
    • For PR’s and Agencies (Changes and Corrections)
    • Generative Tools and Usage
    • Privacy Policy
  • Snapshots
  • Trip Reports
  • Travel Plus…
    • … Technology
    • … Photography

Economy Class & Beyond

You are here: Home / Passenger Experience / Ethical Hacker wins 1 million miles. They’re United Miles…

Ethical Hacker wins 1 million miles. They’re United Miles…

11/08/2016 by Kevincm

If you’re good at breaking things (pretty much a prerequisite for working in the IT industry), something to consider is ethical hacking, and bug bounties.

Some companies offer cold hard cash. Others offer other items… such as United Airlines.

United Airlines Boeing 737-900ER with Split-Tip Scimitar Winglets
United Airlines Boeing 737-900ER on approach to Chicago O’Hare, Image Economy Class and Beyond

According to The Register, a 19-year-old security researcher called Olivier Beg found 20 bugs in the United code base – enough for him to cash out 1 million miles.

United launched a bug-bounty reward campaign last year, which offers different payouts depending on the severity of the bug or exploit found:

United bug bounty

And as all frequent flyers are away, you can’t change your miles for cash. For some bug-hunters/white hats, this scheme isn’t attractive in the least (unless you have a magic way of converting United miles into food, rent, etc etc etc).

Although I think The Register has got it right with their headline:

The Register - United White hat hacking

Still, I’m sure the miles will be useful for attending conferences… or flying other airlines than United…


Welcome to Economy Class and Beyond – Your no-nonsense guide to network news, honest reviews, with in-depth coverage, unique research as well as the humour and madness as I only know how to deliver.

Follow me on Twitter at @EconomyBeyond for the latest updates! You can also follow me on Instagram too!

Also remember that as well as being part of BoardingArea, we’re also part of BoardingArea.eu, delivering frequent flyer news, miles and points to European readers.

 

Related

Filed Under: Passenger Experience, Points

Comments

  1. askmrlee says

    11/08/2016 at 4:27 pm

    So I guess he found 20 low level bugs? And now we will have two factor login security for Mileage Plus.

  2. Hacking tools says

    12/08/2016 at 12:22 am

    That’s enough for each of them to circle the globe five times.

    Such awards, known as a “bug bounties” are paid to any hacker that can help United identify a problem with its system. Many companies and security firms offer bug bounties, including Google (GOOG) and Facebook (FB, Tech30), but United says it’s the first airline to so. The miles are worth about $15,000 to each hacker according to experts. But offering frequent flyer miles instead of cash helped get the hacker community’s attention.

    “I don’t usually do bug bounties for several reasons, but United made the reward seem worth the effort,” said Kyle Lovett, one of the winning hackers. He can’t disclose details of the bug he found, but he did say that it “wasn’t a trivial” vulnerability.

  • Bluesky
  • Email
  • Instagram
  • Mastodon
  • RSS
  • Threads

Recent Posts

  • Avolon places an expansion order for wide and narrow body aircraft from Airbus
  • Qatar Airways bumps up its Doha-Dublin operation to 17 flights a week
  • Emirates to launch a third daily service to Mauritius
  • European Union sets the date for its Entry/Exit System to start, whilst jacking up ETIAS costs
  • UK Goverment reclaims the Essex Thameside Franchise – c2c returns to public control

Email Newsletter

Sign up to receive email updates daily and to hear what's going on with us!

Privacy Policy
Copyright © Economy Class & Beyond All Rights Reserved.
Unauthorized use and/or duplication of this material without express and written permission from this site’s author and/or owner is strictly prohibited. Excerpts and links may be used, provided that full and clear credit is given to Economy Class & Beyond with appropriate and specific directions to the original content.