Man Given $20,000 For Discovering Steam Download Bug
Mike Sanders / 6 years ago
Man Given $20,000 For Discovering Steam Download Bug
Many companies offer ‘bounty’ rewards to people who can find serious errors or flaws in the design of their program. With such incentives aimed towards ‘white hat hackers’, the concept is to incentivise people with a clear talent to put their code-breaking abilities to good use. Why? Well, many firms offer considerable payments as a reward.
In the most recent high profile case, a man has been awarded $20,000 by Valve for finding an error in the PC gaming platform Steam. A fault which would allow people to access any game free of charge and also potentially create various stolen game codes.
What Was The Bug?
In a report via the BBC, Security researcher Artem Moskowsky found that via Steam’s developers portal, he was able to generate a key code for every product available on the platform. This, essentially, meant that he could download anything Steam had to offer completely free-of-charge. More so, it potentially allowed people to create various ‘stolen’ codes and sell them. He said that he came across the bug by accident and that he: “managed to bypass the verification of ownership of the game by changing only one parameter.”
Take Your Reward
Valve rewarded him with two seperate payments. He was given a reward of $15,000 for reporting the bug. In addition, he was also given $5,000 for not disclosing its existence until the matter was fixed. Given the potential benefits he could’ve reaped from this (albeit illegal) it was a very noble move to contact Valve directly. It is yet more proof that these incentives do work. If nothing else, it does go to show that being one of the more pleasant varieties of hackers has bonuses. Kind of makes me wish I knew something about it!
What do you think? Impressed with the reward? In addition, do you think more bugs like this could exist?- Let us know in the comments!
