Microsoft launches Windows Bounty program, offering awards up to $250,000

Microsoft has been running a bounty program for a few years now, launching it just ahead of the release of Windows 8.1 back in mid-2013. At the time, the company was awarding up to $50,000 for exploits, in an attempt to help address any potential security issues before they could become a larger public concern. It’s a tact taken by a number of tech’s biggest names, like Google, Facebook and, more recently, Apple.

The software giant’s expanding things a bit today, with the simply named “Windows Bounty Program.” It’ll cover a bit more ground in Windows 10, and features much loftier rewards for bug finders (thus perhaps making it a bit more compelling over selling the exploits to the highest-bidding third party.) This time out, awards go all the way up to $250,000 for anyone who’s able to discover exploits in Microsoft Hyper-V, the company’s virtualization software.

Of course, that’s on the high end. The awards start at $500 and will be handed out to, “any critical or important class remote code execution, elevation of privilege, or design flaws that compromises a customer’s privacy and security.” Other points of focus include Mitigation Bypass (things that break Microsoft’s security sandboxing) and Bounty for Defense, Windows Defender Application Guard, Microsoft Edge and, most notably, Windows Insider Preview, the company’s early access program for Windows 10 builds.

There is, naturally, some fine print here. For starters, if a Microsoft employee spots an issue first, the company will still offer an award to the first person outside the company who details it — but it will only be 10 percent of the maximum amount offered, meaning it only goes up to $25,000. Even so, that marks a change from the way many other companies approach their respective programs, declining bounties for exploits that had already been discovered internally but not yet disclosed.

Ready to start poking around? Here’s the full list of categories Microsoft is interested in and their respective bounties. Microsoft says it will keep the program running indefinitely in its current form

More@ https://www.technapping.com

Source: Techcrunch

Comments

WTF is bitcoin cash and is it worth anything?

Early yesterday morning bitcoin’s blockchain forked — meaning a separate cryptocurrency was created called bitcoin cash . The way a fork works is instead of creating a totally new cryptocurrency (and blockchain) starting at block 0, a fork just creates a duplicate version that shares the same history. So all past transactions on bitcoin cash’s new blockchain are identical to bitcoin core’s blockchain, with future transactions and balances being totally independent from each other. For practical matters, all this really means is that everyone who owned bitcoin before the fork now has an identical amount of bitcoin cash that is recorded in bitcoin cash’s forked blockchain. But it’s not exactly this easy. If you control your own private keys, or hold your bitcoin in an exchange that said it would credit users’ balances with bitcoin cash, you’re fine and can access your newfound cryptocurrency right now. If you held your bitcoin with a provider like Coinbase, which said before the fork t...

Walmart expands its grocery delivery business, powered by Uber

Walmart is expanding a test of its grocery delivery service, powered by Uber, the company announced this week. The retailer is now offering grocery delivery in two new markets — Dallas and Orlando — which join Tampa and Phoenix as locations where consumers can shop online for grocery items, then opt to have them come to their home for an additional $9.95 fee. Grocery delivery has been something Walmart has experimented with for years, starting with tests in Denver and San Jose of grocery delivery using its own service and trucks. The tests involving Uber are newer, however. In June, 2016, Walmart began a trial in Phoenix, which expanded to Tampa this March. In those locations, Walmart offers grocery delivery at five local stores per market. This week’s Dallas test is larger, with 8 stores participating. In Orlando, there are four stores involved. The grocery delivery service is available via the same online grocery shopping website where customers can place their pick-up orders — a s...

OpenAI bot remains undefeated against world’s greatest Dota 2 players

Last night, OpenAI’s Dota 2 bot beat the world’s most celebrated professional players in one-on-one battles, showing just how advanced these machine learning systems are getting. The bot beat Danil “Dendi” Ishutin rather easily at The International, one of the biggest eSports events in the world, and remains undefeated against the world’s top Dota 2 players. Elon Musk’s OpenAI trained the bot by simply copying the AI and letting the two play each other for weeks on end. “We’ve coached it to learn just from playing against itself,” said OpenAI researcher Jakub Pachoki . “So we didn’t hard-code in any strategy, we didn’t have it learn from human experts, just from the very beginning, it just keeps playing against a copy of itself. It starts from complete randomness and then it makes very small improvements, and eventually it’s just pro level.” To be clear, a 1v1 battle in Dota 2 is far less complex than an actual professional battle, which includes two teams of five players completing...

Technapping

Search This Blog