Uber offers hackers technical 'treasure map' to find computer flaws

Uber, the high-flying transportation firm, is releasing a technical map of its computer and communications systems and inviting hackers to find weaknesses in exchange for cash bounties. While so-called “bug bounties” are not new, Uber’s move shows how mainstream companies are increasingly relying on independent computer researchers to help them bolster their systems. “That’s a level of confidence that you have not seen too many closed-source software companies take in the past, and I’m really hopeful that others will follow suit,” said Alex Rice, chief technology officer at HackerOne, which is managing Uber’s bounty program. Firms such as Uber, looking to bolster their defenses, don’t pay as much as criminals and military contractors who are looking for tools to carry out offensive attacks, but they offer options to those who would prefer to act as “white hats.” Bugcrowd Chief Executive Officer Casey Ellis said he has seen a surge in corporate clients asking for private bounty programs that are open to selected researchers.