Support NeoGAF

[Shin]

The Xbox Bounty Program invites gamers, security researchers, and others around the world to help identify security vulnerabilities in the Xbox Live network and services and share them with the Xbox team. Qualified submissions are eligible for bounty rewards of $500 to $20,000 USD.

HOW ARE AWARD AMOUNTS SET?
Bounty awards range from $500 up to $20,000. Higher awards are possible, at Microsoft’s sole discretion, based on report quality and vulnerability impact. Researchers who provide submissions that do not qualify for bounty awards may still be eligible for public acknowledgment if their submission leads to a vulnerability fix.

Security Impact	Report Quality	Severity
		Critical	Important	Moderate	Low
Remote Code Execution	High Medium Low	$20,000 $15,000 $10,000	$15,000 $10,000 $5,000	N/A	N/A
Elevation of Privilege	High Medium Low	$ 8,000 $ 4,000 $ 3,000	$5,000 $2,000 $1,000	$0	N/A
Security Feature Bypass	High Medium Low	N/A	$5,000 $2,000 $1,000	$0	N/A
Information Disclosure	High Medium Low	N/A	$5,000 $2,000 $1,000	$0	$0
Spoofing	High Medium Low	N/A	$5,000 $2,000 $1,000	$0	$0
Tampering	High Medium Low	N/A	$5,000 $2,000 $1,000	$0	$0
Denial of Service	High/Low		Out of Scope

Source: https://www.microsoft.com/en-us/msrc/bounty-xbox

It makes sense with digital becoming more and more dominant and attacks happening frequently around the globe to get user data.

 

[Bandi]

Sony should do the same. Especially after the horrendous PSN hack, where data of 77 MILLION has been stolen: https://www.theguardian.com/technology/2011/apr/26/playstation-network-hackers-data

 

[Elektro Demon]

Imma become a bug hunter and roll in cash.

 

[CyberPanda]

Damn that is a lot of money.

 

[Three]

Sony should do the same. Especially after the horrendous PSN hack, where data of 77 MILLION has been stolen: https://www.theguardian.com/technology/2011/apr/26/playstation-network-hackers-data

The shills are getting crazy

 

[ManaByte]

The shills are getting crazy

What's crazy is calling someone a "shill" for pointing out a security incident that really happened.

 

[Journey]

What's crazy is calling someone a "shill" for pointing out a security incident that really happened.

Fake news folks, FAKE NEWS!

 

[Dr.brain64]

To gamers and such: if you're able to find those critical bugs, you should ask for a lot more. A lot more.

 

[sn0man]

Xbox hadware bug: a disc-based console that requires a network connection for initial setup to play game discs.

 

[Three]

What's crazy is calling someone a "shill" for pointing out a security incident that really happened.

It happened 8 years ago and he's linking to an article about it. What did an incident 8 years ago have to do with anything to even warrant a mention let alone link an old news article to it?

Reminds me of the crazies who drop mention some decade(s) old news (Iran flight 655 is a good example) due to some pent up allegiance and whataboutisms.

Those hacks happened almost a decade ago, security was improved and everyone moved on except the warriors. The suggestion of 'Sony should do this too' 9 years after is stupid.

 

[Heinrich]

It happened 8 years ago and he's linking to an article about it. What did an incident 8 years ago have to do with anything to even warrant a mention let alone link an old news article to it?

What does the launch of Xbox one, which was also a lot of years ago have to do with the launch of the series x?

he even created a FUCKING THREAD for this. A THREAD:

Remembering the Xbox One reveal, and your reaction.

I lost a lot of trust for Microsoft with the whole always-online debacle It sounded like a veiled threat, didn't it. Microsoft: We check if you are online every 30 minutes. Journalists: And what happens If we're not. Microsoft: You don't want to know, but it's not good. Journalists: Hurrah...

www.neogaf.com

at least I only posted a comment.

 

[Three]

at least I only posted a comment.

What? is that your alt?

Post history would make sense if it is.

If you're saying it's not Ok to say then why are you liking this here?

 

[GHG]

To gamers and such: if you're able to find those critical bugs, you should ask for a lot more. A lot more.

Yep these bounties are a joke compared to a lot of bounties available for ethical hackers.