POST Online Media Lite Edition


United Airlines starts bug hunt, will give one million air miles

Staff writer |
United Airlines has launched a bug bounty scheme only a month after it banned a security researcher from its flights because he tweeted that he could hack the plane's systems.

Article continues below

Programmers can earn up to 1,000,000 air miles by successfully sending a bug to the airline, which is a departure from the convention of not offering money for any flaws discovered.

Writing in a statement online, United Airlines said: "We are committed to protecting our customers' privacy and the personal data we receive from them, which is why we are offering a bug bounty program - the first of its kind within the airline industry.

"We believe that this program will further bolster our security and allow us to continue to provide excellent service."

Eligible bugs in the programme include those enabling remote code execution, which allows hackers to sent malicious commands over the Internet; brute force attacks in which automated login attempts are used to crack passwords; and retrieval of personal information.

It follows the exclusion of Chris Roberts of OneWorld Labs from a United Airlines flight after he jokingly tweeted that he could force the oxygen masks to deploy on a flight between Colorado and San Francisco, where he was due to speak at RSA Conference 2015, a cybersecurity event.

After he was stopped from boarding Roberts was questioned by the FBI for four hours and deprived of his electronic equipment. He was later banned from the airline.

What to read next

United Airlines to change MileagePlus Program
Alaska Airlines begins seasonal flights between Philadelphia and Portland, Or.
J.B. Hunt Transport Services joins ATA