Sony publicly reveals the ‘PlayStation Bug Bounty Program’

Snapshot of the PlayStation Bug Bounty Program from the HackerOne page

After a period of quietly working to bolster its products’ defenses by addressing existing exploits based on input from people in the “security research community,” Sony is officially unveiling the PlayStation Bug Bounty Program to the public.

Sony is running the program with HackerOne, the self-proclaimed “industry standard for hacker-powered security.”

The Hunt for Exploits

The move effectively adds Sony to the list of manufacturers that rely on a bounty program to protect their products from exploitation. For Sony specifically, this covers not just the PlayStation 4 but also the PlayStation Network (PSN).

The bounty pays between $100 and $50,000, depending on the nature of the vulnerability being addressed. Minor exploits tend to fall in the low-pay range, while critical exploits pay in the thousands.

Notable Figures Joined the Program

Those who actively follow the hacking scene may be surprised to come across two names among the recipients of the program: Oct0xor, who was paid a total of $75,000 for six exploits, and TheFlow, who was paid $10,000 for a single exploit.

TheFlow had long been in the scene before becoming known by his alias. However, he is most popular for bringing the lite custom firmware and a handful of useful plugins to the PS Vita.

Oct0xor may not have had as great an impact as TheFlow but remains among the significant individuals in the hacking scene. For someone who touts himself as having hacked “PlayStation” and as a zero-day exploit hunter at Kaspersky GReAT, he certainly has the potential.

Over several months, Sony addressed 88 vulnerabilities and paid a total of $170,000 in bounties.

The Program’s Aftereffect

The revelation of the news may seem like a backstab to those who expect much from leaders of the hacking scene. But, on the other hand, the notion that such talents are choosing to jump ship because of a lump sum is hardly a surprise.

Not only is the work these supposed hackers do often thankless, but it also pays peanuts, a pittance, especially in comparison to what big companies the likes of Sony are willing to pay to safeguard their products.

Running a bounty program that addresses issues with input straight from the hackers themselves does come with a benefit for Sony. But on the opposite side of the spectrum, the hacking community is becoming mired in distrust, one that could potentially divide its active members and lower camaraderie.

Image used courtesy of HackerOne
