Over the last two years you must have heard a lot about cyber attacks: the Equifax breach, the WannaCry cyberattack, a nefarious DDoS attack that destroyed the internet for a whole day. A skilled hacker has far more power in his hands than you think. Hackers can break into anything and do whatever they like with people’s private data, and there are hundreds of hackers out there. So why are you still secure? Who is protecting you?
You need to thank the computer nerds who have been securing your personal computers and mobile phones.
Let me give you a sip of history to explain what I am about to tell you. In 1983, Volkswagen offered a reward to the hackers who would be able to breach the operating systems of the company’s Beetles. 12 years later, this idea was taken up by Netscape, which introduced Bugs Bunny, a program that offered a reward to users who reported an error in its Navigator 2.0 software. Netscape’s product director said in an interview that several hackers received a $1000 prize, while many others won Netscape merchandise.
With Netscape leading the way, a few other companies followed the idea, including Mozilla, which announced a similar bug bounty program in 2004. Six years later, in December of 2010, they refreshed their bugs bunny, and Mozilla was one of the first companies to add bugs found in their web properties to their bounty programs. With rewards ranging from $500 up to $3000, it was another leap forward, this time focused on improving the state of web security. Again, on 11 May 2017, Mozilla relaunched the bug bounty program.
Bug bounties came into the mainstream in 2010, when Google announced an experimental new incentive to find bugs in Chromium: $1337 for particularly severe and clever bugs and $500 for other security bugs.
Today, many large companies have bug bounty programs, including Dropbox, Tinder and Snapchat, and they offer prizes to these hackers.
Hackers all the way
According to recent research, 23% of ethical hackers are from India, 20% from the US, 6% from Russia, 4% from Pakistan and 4% from the UK. A chart shows that 58% of these hackers are self-taught, while 50% studied computer science in college and 26.4% studied it in high school. Most hackers are between 25 and 35, i.e. 90%, while the 18 to 25 age group contains 50% and those under 18 are just 8%. But all ethical hackers have one thing in common: “endless curiosity”.
Marten Mickos (CEO of bug bounty platform HackerOne) says:
We don’t find them, they find us. They read, they study vulnerabilities, and then they report them. Most of them start when they’re young.
Have a look at these two hackers who helped these big companies.
He is a high school senior who taught himself to program by watching YouTube lectures when he was 12 years old. In between homework, college applications, and high school math team competitions, Cable has exposed more than 200 security vulnerabilities for around 50 companies, including Uber, Bitcoin Exchange, and even the U.S. Air Force.
He has spent his career in the public good. Cable frequents a forum of around 150 hackers who share tactics and collaborate on finding bugs, even though they’re ultimately competing for the prizes.
Everyone is much more collaborators than competitors. There is a strong component of helping each other out, of working together to improve these companies’ security.
He discovered the bug accidentally. Melia was ordering coffee like any other user when he noticed that by changing his order number on the checkout screen, he could modify other people’s orders. This would allow him to send coffees to other people’s houses or have their orders sent to his house, absolutely free. Melia immediately reported the bug for a reward of several thousand rather than ordering some more coffee at no cost.
I’d rather have a $4,000 to $6,000 bounty than a chance of stealing a free coffee
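The flaw described above, where changing an order number on the checkout screen reaches other people’s orders, comes down to a server that does not check who owns the order (commonly called an insecure direct object reference). The following Python code is an added example, not code from the affected company or from Melia; the `Order` model, the handler names and the sample data are all constructed for illustration. It puts a handler without the ownership check beside a corrected one, and adds a small regression check a developer could keep in a test suite.

```python
from dataclasses import dataclass


@dataclass
class Order:
    order_id: int
    owner: str    # account that placed the order
    address: str  # where the order will be delivered


class Forbidden(Exception):
    """Raised when the caller may not touch the requested order."""


def sample_orders():
    # Constructed sample data: two customers with consecutive order numbers.
    return {
        1001: Order(1001, "alice", "1 Alice St"),
        1002: Order(1002, "bob", "2 Bob Ave"),
    }


def update_address_unchecked(orders, session_user, order_id, new_address):
    """Flawed handler: trusts the order number the client sent.
    session_user is never consulted, so any logged-in account can edit any order."""
    order = orders[order_id]
    order.address = new_address
    return order


def update_address_checked(orders, session_user, order_id, new_address):
    """Corrected handler: the order must belong to the authenticated session."""
    order = orders.get(order_id)
    # Same error for "does not exist" and "not yours", so the response
    # does not reveal which order numbers are in use.
    if order is None or order.owner != session_user:
        raise Forbidden(f"order {order_id} is not available to this account")
    order.address = new_address
    return order


def cross_account_edit_possible(handler):
    """Regression check: can bob change the address on alice's order?"""
    orders = sample_orders()
    try:
        handler(orders, "bob", 1001, "2 Bob Ave")
    except Forbidden:
        pass
    return orders[1001].address != "1 Alice St"


if __name__ == "__main__":
    print("unchecked:", cross_account_edit_possible(update_address_unchecked))
    print("checked:  ", cross_account_edit_possible(update_address_checked))
```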
Melia is now a senior security engineer at security service company Gotham Digital Science. In late 2014, he saw a YouTube video in which a hacker reported receiving $15,000 for finding a bug. Interested, Melia poked around the internet and found a bounty program from Yahoo. Over the next few weeks, he located more than 30 bugs for the platform and earned $22,000.
I’ve never had that much money at one time getting deposited into something. I was kind of hooked after that.
He says it’s not just about the money:
To be good at this, it has to be a passion. If you’re just like, ‘I want the money,’ you’re not going to fare well.
Melia says that he opens an application like a normal user and then tries to manipulate it and make the application do what it’s not intended to do. He named this technique “black box”.
Melia recommends turning to Netflix in times of discouragement.
“There have been instances where I can’t exploit a bug, and then I’m lying in bed and I’m like, ‘Oh, I figured it out.'”
If they want to make a profit, a hacker can’t rest for too long. Melia said of his Starbucks hack: “Any one of the other hackers would have found it eventually. I was just the first one.”
This hacker has earned enough to buy himself a house.
A report says that in India top ethical hackers earn 16 times more than the average software engineer. They are also said to be creative. Mickos said:
Ethical hackers will be much more creative in finding the bugs. Even if you have a really smart person in house, it’s difficult [for them] to find their own typos. The outside world will always outperform the inside world.
Well, not everyone follows the Melia and Jack path. Some of that, as Mickos says, has to do with the stigma of the job. Some unethical hackers, responsible for breaches, vulnerabilities, scams, and viruses, have made the word “hacker” sound like a sign of danger. We rarely, if ever, hear about the ethical hackers.
For every bad hacker there are about 1000 ethical hackers. It’s just they don’t make a story in the press, so you don’t hear much about them.
Two reasons led to this problem. First, because most hackers, according to Mickos, begin building their skills at an age when their morality is just developing, when bounties are difficult to get, and when they are tempted by free coffees. And when hackers don’t feel that people value their work, they’re less inclined to help those people.
Second, laws in many places reflect a broader societal suspicion toward the hacking community, and that can impede the work that ethical hackers do.
Hackers are, according to Mickos, “the ones who will rescue and safeguard our society.”