Hack your way to an exotic vacation destination? That’s essentially what United Airlines is offering with its new program that rewards up to 1 million frequent flyer miles to hackers who uncover security vulnerabilities in its website or mobile travel apps.

United says it’s the first airline to implement a “bug bounty program” — when a website or software company offers some kind of compensation to individuals who can uncover bugs and other vulnerabilities it its system. The airline launched a preview of its United.com website last week.

Hackers simply need to enroll in United’s MileagePlus reward program to be eligible. The more severe the bug that’s uncovered, the more generous the bounty. The airline is promising 50,000 miles for low-level discoveries, 250,000 miles for medium-level discoveries, and a whopping 1 million miles for the discovery of the highest-level of vulnerabilities, which it says is a “remote code execution.”

But there’s a major caveat in the program’s rules: The airline does not want hackers messing with “any testing on aircraft or aircraft systems such as inflight entertainment or inflight Wi-Fi.” In other words, stick to tinkering with the airline’s website and mobile app on the ground, not the actual systems that are employed during flight. (That’s a sure way to get booted from a flight and even be subject to criminal investigation.) .. see more

source: ibtimes