Europe Sends Hackers to Open Source Software
Anyone who finds vulnerabilities in popular open-source software can receive a reward from the European Commission. So LibreOffice and the Belgian Odoo, among others, get more eyes to become safer.
Bug bounties have been a common practice at large tech companies for years. Anyone who discovers a weak spot in, say, iOS or Facebook and reports it properly will receive money for it in many cases. This allows companies to solve security problems before criminal hackers abuse them.
Europe is now doing the same, but specifically for open-source software often used by European institutions. These include LEOS, LibreOffice, Mastodon, Odoo, and Cryptpad. Incidentally, the bug bounty program runs through the Belgian Intigriti.
In concrete terms, up to five thousand euros can be earned per bug found, with a bonus of twenty percent if code is also provided to solve the problem. In total, the European Commission provides a budget of 200,000 euros.
It is not the first time that Europe has done something like this. Earlier in 2019, such a project ran for KeePass, VLC, Apache Tomcat, Drupal, and others. That also ran through Intigriti.