Valve offers bounties if you can find security flaws on Steam
When it comes to finding security problems with your software, it can often be difficult to rely on your own security team. Even if you trust them implicitly, the one thing that they do not often do is think outside the box. A recent check of all security breach stories shows how in a significant number of cases the most innocuous entry point can cause major problems.
Based on this, Valve has become the latest company to openly invite 3rd parties to attempt to find security flaws with Steam. Better still, in a report via PCGamesN, if you find one, Steam will reward you with anything up to $2,000.
White Hat Hackers!
As above, this isn’t the first time a company has appealed to ‘white hat hackers’ or ‘hacktivists’ to try and expose security flaws for a cash reward. You do, however, have to be careful what you wish for. Steam has largely remained fairly bulletproof in recent years in terms of hacking. That doesn’t, however, mean that people haven’t tried. Neither does it mean that potential security risks do not exist.
Tempting hackers to try and find out for a cash prize though is getting a more common thing. One that can often give highly beneficial results to all parties. If none are found, it doesn’t cost Valve a penny. If some are, then Steam can plug the holes for a minimum expense. This while the hacker gets compensated for their time and effort.
The report has even suggested that in the 3 days since it’s launched, they have already paid out over $100,000 in rewards to at least 40 hackers. The only real condition Valve has is that DDOS and social engineered attempts will not count. In addition, neither will exploits within games. So don’t even think about it!
What do you think? – Let us know in the comments!
