Slashdot Mirror

← Back to Stories (view on slashdot.org)

'Hack The Pentagon' Bug Bounty Program Opens For Registration (securityweek.com)

Posted by BeauHD on from the man-your-battle-stations dept.

wiredmikey writes: Starting today, security researchers can register to test their hacking skills against the Department of Defense (DoD) through "Hack the Pentagon," a new bug bounty program that will award security researchers who discover vulnerabilities on the Pentagon's public web pages. The initiative, run through a partnership with bug bounty platform provider HackerOne, is the first of its kind in the history of the federal government. The Hack the Pentagon bug bounty pilot will start on Monday, April 18 and end by Thursday, May 12. "Critical, mission-facing computer systems will not be involved in the program," the DoD stated.

16 of 36 comments (clear)

  1. No way... by Anonymous Coward · · Score: 1

    am I going to register there.

  2. A big improvement... by Immerman · · Score: 1

    A big improvement over their previous "hack the Pentagon and we'll put a bounty on your ass" program. Or perhaps they're just hoping to save themselves some work identifying the troublemakers.

    --
    --- Most topics have many sides worth arguing, allow me to take one opposite you.
    1. Re:A big improvement... by magarity · · Score: 2

      My first thought was whether someone managed to properly coordinate all the agencies and jurisdictions or not so that anyone who submits a successful hack and is awarded by one agency isn't then immediately arrested by another.

    2. Re:A big improvement... by EndlessNameless · · Score: 1

      The CFAA centers around unauthorized access. Since this activity is encouraged by the system owner---and even has a registration process---the attempts certainly cannot be unauthorized provided they follow the rules of the program.

      That said, it would be wise to read all of the program rules, as violating them might render the access unauthorized. That would put someone in federal felony territory.

      While I would hope the DoD would be forgiving of anyone who bends a minor rule, there is no guarantee beyond what is written.

      --

      ---
      According to the latest ruleset, this post should be modded as Vorpal Flamebait +5.
  3. How Stupid Are We? by zenlessyank · · Score: 2

    Why would I want to sign up for this watch list? Hack imaginary systems and get put on a list. Nice. I suppose this is ISIS sponsored also.

    1. Re:How Stupid Are We? by zenlessyank · · Score: 1

      I would NEVER work for these assholes.

    2. Re:How Stupid Are We? by phantomfive · · Score: 1

      Yeah, I can't see myself reasonably signing up for this.

      --
      "First they came for the slanderers and i said nothing."
  4. Don't forget to register by dkroft1 · · Score: 5, Funny

    The difference between winning money, and committing treason

    1. Re:Don't forget to register by zenlessyank · · Score: 1

      Satan has blessed America.

  5. Re:Contents of email server by Archangel+Michael · · Score: 1

    Enough about that damn email server already!

    --
    Agent K: A *person* is smart. People are dumb, stupid, panicky animals, and you know it.
  6. So Where Is A Country An American Can Move by zenlessyank · · Score: 1

    to get away from this insanity? Is there a country that will accept us with the understanding that we don't represent this shit. Peeps been coming here for ages, so it is high time someone let us in for a change. Please reply with decent alternatives. Thanks.

    1. Re:So Where Is A Country An American Can Move by rtb61 · · Score: 1

      If you are young enough you can pay for a cheaper degree in Australia and if you pass, you'll have pretty much no problem staying and becoming a citizen. Be warned right wing Republican bible fundamentalist's don't really enjoy it that much and especially do not like the high wage of labour types or the lack of menials. So I suppose if you notice the insanity that won't be a problem for you. There is also (State assisted migration if you are interested look it up) for certain jobs at certain times. Be prepared for a waiting list, but if you make it, have fun.

      --
      Chaos - everything, everywhere, everywhen
  7. uh huh by fyngyrz · · Score: 1

    Pentagon's "Hack The Hackers" program opens for voluntary self-incrimination.

    Come one, come all.

    --
    I've fallen off your lawn, and I can't get up.
  8. No Go by Tablizer · · Score: 1

    I can't register, the registration form's been hacked

    --
    Table-ized A.I.
  9. Re:It's a start... by AlphaBro · · Score: 1

    This is the real news, and given the ability to opt out and forgo payment, it sounds like they will be retaining the reports of those that fail their checks. Complete and utter bullshit.

  10. Well that's most of the good "Researchers" out by ramriot · · Score: 1

    Almost the first requirement and already they excluded potentially 90% of us.

    "You must have a U.S. taxpayer identification number and a social security number or an employee identification number and the ability to complete required verification forms."