EU will start giving rewards to those who find security bugs in Open Source projects

In her blog, she made the announcement on December 30, 2018 and the last update this year (10/01/2019) made the following complement.

In January, the European Commission is launching 14 out of a total of 15 bug tracking rewards on Free Software projects that EU institutions trust. a bounty bug It is an award for people actively looking for security issues. The amount of the reward depends on the severity of the problem discovered and the relative importance of the software. The software projects chosen were previously identified as candidates in the inventories and public research.

Some well known programs are on the list of contracts, such as:

– Filezilla, with a reward of 58,000.00, starting on 01/07/19 and ending on 15/08/19;

VLC Media Player, with a reward of 58,000.00, starting on 07/01/19 and ending on 15/08/19;

– KeePass, with a reward of 71,000.00, starting on January 15, 1919 and ending on July 31, 1919;

– PuTTY, with a reward of 90,000.00 starting on 01/07/2019 and ending on 15/12/2019;

Another pertinent point raised by Julia was as follows:

"The issue has made many people realize how important Free and Open Source Software is to the integrity and reliability of the Internet and other infrastructure. Like many other organizations, institutions such as the European Parliament, the Council and the Commission are based on Free Software. , as much on their websites as many other things. "

Well, our legislators could have the same stance in our city halls, state and federal governments.

For the full list of apps participating in the campaign, as well as how you can participate, visit Julia Reda's blog link.

Initiatives like this are very welcome, as they bring benefits to application users and thus elevate their quality, not only for those who promote bug hunting, but for those who will still use applications in the future who will already have corrections. of bugs, vulnerabilities and new technology implementations as well.

This is one of the powers of the open source community to be able to diagnose a problem, think and develop the solution and apply it in record time to proprietary software and operating systems.

Hope to see you next post, big hug.