news.buyenne.com

Enlarge (credit: GHETTO UBER DRIVER)

Over the past decade, there's been an explosion of bug bounty programs that pay hackers big cash rewards for finding vulnerabilities in applications and Web services. On Tuesday, ride-hailing service Uber became the latest company to embrace the trend with the unveiling of its own program.

In most respects, the program is similar to those offered by Google, Facebook, and so many other companies. It pays as much as $10,000 for the most critical vulnerabilities and provides a public forum to acknowledge the smarts of researchers who privately report bugs that no one inside the company was able to identify. Still, there are a few features that its designers say make it stand out from what's been done so far.

For instance, the Uber bounty program comes with a technical treasure map of sorts that's intended to help researchers find high-severity bugs quickly. The treasure map included with Tuesday's announcement enumerates some of the company's most security-sensitive subdomains, along with a brief description of types of assets that are at stake and the types of vulnerabilities that might threaten them. A description of partners.uber.com, for instance, describes it as the place driver partners visit to access private driver documents, payment statements, tax information, and other highly sensitive data.

(credit: flash.pro)

When the Federal Communications Commission voted for a plan to let consumers watch TV channels on more devices, pay-TV companies complained that makers of third-party set-top boxes might insert their own advertising into cable TV. As a result, the cable TV lobby claimed customers would have to watch the standard television commercials plus see extra advertising distributed by whichever company makes the device or software they're using to watch TV.

FCC Chairman Tom Wheeler dismissed these concerns, and on the day of the vote he said that insertion of additional advertising would be prohibited. But the full text of the notice of proposed rulemaking (NPRM), released after the vote on February 18, shows that there likely won't be a new rule preventing insertion of additional advertising.

The NPRM is a set of proposed rules that asks the public for comment with the goal of issuing final rules by the end of the year.

Andrew S. Grove was chairman of the board of Intel Corporation from May 1997 to May 2005. He was the company’s chief executive officer from 1987 to 1998 and its president from 1979 to 1997. (credit: Intel)

A survivor of the Nazi occupation of Hungary and a refugee escaping the brutal Soviet response to the Hungarian Revolution, Andrew Stephen "Andy" Grove has died at the age of 79. Grove was Intel's third employee, the first person to be hired by company founders Gordon Moore and Robert Noyce. He became company president in 1979, CEO in 1987, and served as chairman of the board from 1997 to 2005.

Intel announced his death on Monday. No cause of death has been specified.

Born András István Gróf, Grove came to the US in 1957. He Americanized his name, married a fellow refugee named Eva, and earned first a bachelor's degree and then a PhD in chemical engineering. He worked for Fairchild Semiconductor, hired by and working under Gordon Moore. When Moore and Noyce left Fairchild to start Intel, Grove went with them as director of engineering.

One of Newegg's new t-shirts. (credit: Courtesy Jordan Gwyther)

A church pastor caught up in a patent battle over foam arrows is about to get assistance from the nation's best-known slayer of patent trolls, Newegg top lawyer Lee Cheng.

Newegg will donate more than $10,000 it has made from selling anti-patent-troll T-shirts to Jordan Gwyther, who owns Larping.org, a hub for the live action role-play (LARP) community. Gwyther was sued last year by Global Archery. Global Archery founder John Jackson said he's ticked off that Gwyther has tried to sell foam arrows to the camps, churches, and resorts that make up the bulk of Jackson's customers.

The Global Archery lawsuit is an attempt "to drive a passionate entrepreneur out of business," Cheng said in an e-mail to Ars. "We were absolutely appalled by Global’s attempt to impose a gag order on Mr. Gwyther."

(credit: meesh)

A former US Embassy staffer was sentenced Monday to four years and nine months in prison after pleading guilty last year to stalking, extortion, and computer fraud.

According to prosecutors, Michael C. Ford primarily conducted his sextortion activities from his desk at the United States Embassy in London despite his heavily monitored, government-owned work computer. Even though Ford ran his scheme for at least two years, the State Department’s own network security protocol apparently failed to flag the man’s behavior.

In a sentencing memorandum filed by prosecutors prior to the Monday hearing, they expressed shock at the scale of Ford's scheme. "The sheer number of phishing e-mails that Ford sent is astounding," the memorandum stated. As an example, prosecutors noted that on one day in April 2015 alone, Ford sent approximately 800 e-mails to potential victims.