Microsoft you take the security of your next evolution of your operating system very seriously. Is willing to pay up to $ 100.000 to those who get identify a security flaw in Windows 8.1. This will be the biggest reward in the program that opens on June 26 when the new OS begins to be distributed among tablets and PCs.
The thing does not end there. Too pay $ 50.000 to those who help find solutions defensive to previously encountered problems. Finally, it will pay $ 10.000 to those who find vulnerabilities in Internet Explorer 11, the latest version yet to be released of the Redmond browser. This last program will only last 30 days after it begins to be distributed.
Some media have interpreted this as an act of bravado by Microsoft, however, they consider that they open their software to the community of computer security researchers to learn more and for end consumers to benefit from this paid collaboration.
There are other companies that have done similar reward programs such as HP or iDEFENSE, with good results and without such generous rewards. In fact, Microsoft itself has done so in the past with hacker conferences with awards and rewards for specific security feats. So much so, that in addition to this program they plan to launch others in the future to continue learning from the developer community on security issues, as announced by the head of the company's security strategy, Katie Moussouris.
The key to getting these awards is to detect truly novel problems and solutions and not those for which there was already a prior known process.
The strategy is brave to say the least, since encouraging security researchers, also called hackers, to find holes in your system can be risky. Money would be the safeguard, but in the event that some of those rulings were made public and no solutions were given, they would expose the company to public opinion.
Source: Tech Crunch