The Inquirer-Home

Mega bug hunters are drawing mostly blanks

So far nothing to worry Kim Dotcom
Mon Feb 11 2013, 10:02

DIGITAL LOCKER MAGNATE Kim Dotcom has updated the world on how much the bug bounty hunters that patrol his Mega service have made. The answer is, not much.

Dotcom announced the Mega bug bounty programme earlier this month. Barely a week later he has followed up, presenting a blog post that yawns about what has been discovered so far.

While some suspected that Mega could be cracked like a walnut, Dotcom said that so far only code problems or mistakes have been found.

Dotcom, who has remained cool throughout a year that saw him accused of racketeering, is confident about what has been uncovered so far and what might lie beneath.

"We believe that it would be premature to draw any conclusions at this time - barely three weeks after our launch and one week into the programme. It is clear that the vulnerabilities identified so far could all be found by checking only a few lines of code at a time; none of them required any analysis at a higher level of abstraction," he said.

"Needless to mention that nobody cracked any of the brute-force challenges yet (please check back in a few billion billion years). We're looking forward to your future submissions, hopefully including some that address higher-level and conceptual issues!"

Some vulnerabilities have been reported, and these have all been dealt with, according to Dotcom. He did not mention any money payouts, nor the sources or discoverers of bugs. µ


Share this:

blog comments powered by Disqus
Subscribe to INQ newsletters

Sign up for INQbot – a weekly roundup of the best from the INQ

INQ Poll

Happy new year!

What tech are you most looking forward to in 2015