Julia Reda, EU member of the parliament, announced, last week, that EU will be funding the internet bug bounty programs for 14 out of the total 15 open source projects, starting January 2019.
The Internet Bug Bounty programs are rewards for friendly hackers who actively search for security vulnerabilities and issues. The program is managed by a group of volunteers that are selected from the security community. The amount of the bounty depends on how severe the issue uncovered is and the importance of the software. The amount ranges from 25,000,00 Euros and all the way up to 89,000,00 Euros.
The 14 open source projects include:
- Apache Kafka
- VLC media player
- FLUX TL
- Digital Signature services (DSS)
- GNU C library (glibc)
- The Symfony PHP framework
- Apache Tomcat
EU is sponsoring the bug bounty programs as a part of their third edition of the Free and Open Source Software Audit project (FOSSA). Reda mentions that FOSSA project that started in 2015, was an initiative to encourage promotion of free and open source software.
“In 2014, security vulnerabilities were found in important Free Software projects. One of the issues was found in the Open Source encryption library OpenSSL.The issue made lots of people realize how important Free and Open Source Software is for the integrity and reliability of the Internet and other infrastructure”, mentions Reda.
People can contribute to the projects mentioned by EU by analyzing the software, and submitting any bugs or issues found in these software on bug bounty platforms such as Hackerone and Intigriti/Deloitte.
For more information, check out Julia Reda’s official blog post.