Riot offre 100K Dollari a chi li aiuterà nella lotta contro i cheaters
Rio Cheaters – Riot alza (e di molto) la posta nella guerra contro i cheaters ed annuncia attraverso tutti i suoi principali canali social di aver stanziato ben 100 mila Dollari in favore della causa “anti-cheat“.
Stando a quanto riportato su hackerone.com, sta offrendo fino a 100 mila Dollari a chiunque riesca ad aiutarli nel migliorare il sistema anti-cheating. In pratica, qualsiasi aiuto che arrivi a Riot, ad esempio attraverso una segnalazione del tipo “facendo questa data azione si è in grado di godere di questo vantaggio”, verrà ricompensato in denaro, con dei prezzi che variano da 25 fino a 100 mila Dollari come somma massima ottenibile.
Gli sviluppatori di Riot hanno anche fatto alcuni esempi nell’apposito post creato per l’iniziativa (che troverete qui), chiedendo agli utenti: “avete trovato una qualche vulnerabilità nel nostro sistema? inviaci le informazioni cosi da permetterci di intervenire”, ed elencando tra le potenziali “falle” quelle che possono riguardare gli exploit nel gioco, i problemi alla sicurezza ed in generale i bug che possono anche riguardare i domini di Tencent o Garena, due importanti partner della software house Riot.
Estratto della pagina ufficiale
TL;DR
Any Riot services available from the Internet and any software developed by Riot Games is in scope. We consider activities conducted consistent with this policy to constitute “authorized” conduct under the Computer Fraud and Abuse Act. Publicly disclosing your bug without coordinating with us may lead to being ineligible for a bounty.
Policy
Keeping player data safe is a top priority for us, and we have teams across security, engineering, and player support that work to protect it. We strive to be as transparent as possible when it comes to our security efforts in order to help you stay informed and aware of when you may need to take action.
Rewards
If you’re able to help us protect our players and their data by responsibly identifying new security issues for us to fix, you are awesome and we want to reward you. Qualifying bugs will be rewarded based on severity. Our minimum reward is $250 USD. Rewards are granted entirely at the discretion of Riot. Publicly disclosing your bug without coordinating with us may lead to being ineligible for a bounty. We will judge this on a case by case basis.
Applications in Scope
Any Riot services available from the Internet and any software developed by Riot Games. This includes all of our web applications as well as all of the games we release.
If Riot has to implement a code change to fix the security bug, it most likely qualifies for a bounty.
Find a security vulnerability? Send it our way so we can get on it. This might include:
- Web security problems (e.g. cross-site scripting and SQL injection problems)
- Game exploits (e.g. insta-win bugs or third party game modifications)
- Other security concerns (e.g. infrastructure security problems, information disclosure issues, memory corruption)
- Bugs that are not in Riot Games owned software, such as our Player Support portal – Zendesk or our Developer Portal community – Answerhub should be reported to the organisations behind those products. You may find help at the HackerOne Disclosure Assistance page
- Bugs in the Garena domain are out of scope. Garena is a partner of ours, but they are a completely separate company and manage their own assets and infrastructure. Please reach out to them through [email protected].
- Bugs in the Tencent domain are out of scope. Tencent is a partner of ours, but they are a completely separate company and manage their own assets and infrastructure. Please reach out to them through https://hackerone.com/tencent
For other issues with your account, head over to the Player Support page.
Acquisitions are typically in the scope of this program. We may reward anything with significant impact across our entire security posture, so we encourage you to report such bugs via this program.
Cosa ne pensate community? Avete qualche problema da segnalare a RIOT? Perchè questo potrebbe essere il momento migliore per farlo!