DJI to Offer “Bug Bounty” Rewards for Reported Drone Software Vulnerabilities
Bug bounties are nothing new in the consumer tech space. Plenty of companies offer some sort of reward program for users who find and report specific flaws in a company’s software—most notably Google. But what makes this story noteworthy is the fact that the manufacturer behind it, DJI, has launched theirs after a much publicized falling out with the U.S. military.
DJI is by far the world’s largest and most successful consumer drone manufacturer, holding roughly half of the overall market share for consumer drones. Their easy-to-use and fairly affordable products have clearly caught the attention off consumers around the world, but they also caught the attention of the U.S. military. The Army began contracting with DJI to use their drones for a number of different programs. That contract ended earlier this month where DJI’s drones were found to have major security vulnerabilities that allowed hackers to find and collect all kinds of user data through a simple Google search.
In a statement on Monday, DJI said the new Threat Identification Reward Program is part of a “renewed focus on addressing concerns about DJI product security.” The company plans to partner with security researchers and academics in an effort to improve their products’ security.