Want Airline Miles... Lots Of It? Find Bugs On United Airlines Websites And Apps

Not a frequent flier but still want to generate loads of airline miles? Thanks to United Airlines' Bug Bounty Program, you can now do so.

United Airlines has launched a Bug Bounty Program wherein it is inviting independent researchers to seek out and report any vulnerabilities or bugs that exist in the airlines' apps, online portals or websites.

"We are committed to protecting our customers' privacy and the personal data we receive from them, which is why we are offering a bug bounty program—the first of its kind within the airline industry," announced the airlines.

United Airlines will reward those who successfully identify bugs and meet the requirements for submission. However, the reward is not cash but airline miles.

The award ranges from 50,000 points to 1 million, depending on the severity of the vulnerabilities identified, which may enable attackers to wage a remote-code execution on the airlines' system. The more serious the vulnerability, the more miles you generate.

By comparison, existing bounty programs from the likes of Microsoft, Facebook and Google offer independent researchers anywhere between $1,500 to over $200,000 in cash, depending on the intensity of the lurking security issue.

However, the Bug Bounty Program from United Airlines does not include vulnerabilities that exist in the airlines' "onboard Wi-Fi, entertainment systems or avionics." A word of caution from United Airlines for those thinking of exploring this terrain—don't! Why? Because doing any testing on any aircraft system, such as the Wi-Fi or inflight entertainment, may lead to a criminal investigation.

The idea is to discourage people from meddling with the systems on live flights as it could result in an accidental breakage or interruption. To elucidate, if the aircraft's avionics crash accidentally as a result, this potentially leads to a plane crash should the system bog down.

United Airlines' recent promo announcement comes barely a few weeks after it fired a security researcher of an aircraft for tweeting the vulnerabilities that existed in the inflight Wi-Fi and entertainment systems of some of its Airbus and Boeing aircraft.

To find the eligibility criteria, check out United Airlines' Bug Bounty Program details on its website.

Photo: Aero Icarus | Flickr

ⓒ 2024 TECHTIMES.com All rights reserved. Do not reproduce without permission.
Join the Discussion
Real Time Analytics