back to article Hack the Army: US military begs white hats to sweep it for bugs

Security experts reckon the US government’s newly unveiled "Hack the Army" bug bounty programme may usher in greater co-operation across the whole arena of security research. The US Army will offer cash rewards to hackers who find vulnerabilities in selected, public-facing Army websites under the scheme, which builds on the US …

  1. Sir Alien

    This is a joke right?

    I mean, the moment you go snooping around "Uncle Sam's" things then the men in black will be on your doorstep so fast to get you deported into the USA concentration camps (a.k.a slave prisons). I certainly have lost complete trust in anything from the USA. Sorry for those honest citizens that become collateral.

    - S.A

    1. NoneSuch Silver badge
      WTF?

      Re: This is a joke right?

      As I understand it, under US law, looking for a vulnerability on a gov't owned piece of tech is considered a felony to the same degree as hacking a gov't piece of tech.

      Remember Laurie Love?

  2. Bob Wheeler
    FAIL

    So..

    Was the recent " Lauri Love to be extradited to the US for 'accessing" just a recruitment process for Hack the Army?

    1. Hans Neeson-Bumpsadese Silver badge

      Re: So..

      I was thinking about sending in an application letter for this programme, and signing it "Mr L Love"

      1. Anonymous Coward
        Anonymous Coward

        Re: So..

        I was thinking about sending in an application letter for this programme, and signing it "Mr L Love"

        Love it. Umm..

  3. Gert Leboski

    Hang on a minute.....

    McKinnon, Love...... It's like a Honeytrap!

    It does say that potential pen-testers need to register or be invited, but let's not let that get in the way of poking fun. :)

    1. Ole Juul

      Re: Hang on a minute.....

      I think Laurie Love is already registered.

  4. ElectricFox
    Black Helicopters

    Any white hat worth their salt

    Will insist on being being paid in bitcoin for this...

  5. AJ_Newman

    This is such a turn around for the US Army .... its only been a couple of years since they were Jailing people in the Army 'waving a flag' that many of their servers were unpatched and still using default passwords...

    1. Mark 85

      Well, you will note that there's a list of "approved targets" (for lack of a better phrase) so the ones not on the approved list might just be the unpatched, insecure ones.

      I'm just puzzled on the real reason why there's only an "approved" list. Seems to me, if you want the testing done, let the testers hit where they want or where the path leads.

  6. amanfromMars 1 Silver badge

    Vulnerable right down to their cores and completely defenceless against smart virtual exploits!?.

    A full list of Army websites and databases that bug hunters will be permitted to hack under the program will be provided to registered and invited participants.

    "Will be permitted to hack" ..... WTF. Do they imagine they are dealing with kindergarten kids?

    1. Doctor Syntax Silver badge

      Re: Vulnerable right down to their cores and completely defenceless against smart virtual exploits

      "Do they imagine they are dealing with kindergarten kids?"

      If their security is at TalkTalk level they could be.

  7. Anonymous Coward
    Anonymous Coward

    How hard is it...

    ... to break into an email server with a VNC remote client installed

  8. Mark Simon

    Could this backfire?

    Will this be subject to DMCA laws?

    In any case, I hope the military is offering a HUGE amount of cash for this. How much is a vulnerability worth to other parties?

  9. Gray
    Holmes

    Never gonna check out!

    Perhaps think of the US Army's offer as their version of the Roach Hotel... you can check in, but .,..

  10. Joeman

    Clearly the list of targets permitted to hack dont actually contain anything of any use.

    A sand-boxed replica network most likely.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon