If you want to find weaknesses in your vault or safe, it couldn't hurt to hire a thief to try and break into it. If you want to do the same thing for your brand new system-on-a-chip, the same principle applies to hackers and security experts. So goes the thinking behind Qualcomm's latest outreach to the security industry: a bug bounty program offering prizes of up to $15,000 for disclosed vulnerabilities in the company's Snapdragon chipsets and LTE modems.

This sort of thing isn't unprecedented - software vendors in particular have offered cash prizes for successful hacks for decades. The idea is that creative and intelligent hackers discover the weakest points in a given system, then inform the makers of that system instead of (or in addition to) the public. Hackers get paid, companies fix their products, everybody wins. Qualcomm's program will be administered in cooperation with HackerOne, a B2B company dedicated to this kind of organized bug identification and disclosure.

A wide variety of chipsets are currently in play: everything from the relatively outdated Snapdragon 400 (now mostly found in Android Wear devices) all the way up to the Snapdragon 821, plus four models of Snapdragon X modems. Qualcomm is also offering bounties for Android for MSM Linux vulnerabilities, root, bootloader, and modem firmware bugs, plus errors in Qualcomm's Secure Executions Environment. To qualify for the bounties, submissions must be new, exclusively submitted to the bug program, and treated as confidential until published by Qualcomm - pretty standard stuff.

If you're ready to get cracking, check out Qualcomm's full list of rules and bug tiers here.

Source: Qualcomm

PRESS RELEASE